urlscan.io logo urlscan.io
SecurityTrails logo

filesamples.com Open in urlscan Pro
2606:4700:3035::6815:11fc  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://filesamples.com/
Effective URL: https://filesamples.com/
Submission: On June 01 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 9 countries across 58 domains to perform 227 HTTP transactions. The main IP is 2606:4700:3035::6815:11fc, located in United States and belongs to CLOUDFLARENET, US. The main domain is filesamples.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 21st 2022. Valid for: a year.
This is the only time filesamples.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
10 3.66.136.156 16509 (AMAZON-02)
13 142.250.185.162 15169 (GOOGLE)
7 151.101.66.137 54113 (FASTLY)
1 1 151.101.194.137 54113 (FASTLY)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 35.156.95.138 16509 (AMAZON-02)
1 204.237.133.116 3257 (GTT-BACKB...)
1 6 37.252.172.250 29990 (ASN-APPNEX)
1 185.255.84.150 200271 (IGUANE-)
2 51.89.9.252 16276 (OVH)
1 213.19.147.43 3356 (LEVEL3)
1 198.148.27.134 19189 (PULSEPOINT)
1 11 172.67.10.198 13335 (CLOUDFLAR...)
1 34.107.148.139 15169 (GOOGLE)
2 18.156.195.47 16509 (AMAZON-02)
1 1 147.75.38.124 54825 (PACKET)
8 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.137 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
5 3.136.200.104 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 185.94.180.124 35220 (SPOTX-AMS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:401... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2 35.158.166.215 16509 (AMAZON-02)
3 11 142.250.74.194 15169 (GOOGLE)
1 2 159.122.14.34 36351 (SOFTLAYER)
1 1 54.234.175.113 14618 (AMAZON-AES)
1 1 81.222.128.215 20597 (ELTEL-AS)
3 3 99.81.70.153 16509 (AMAZON-02)
1 1 202.241.208.100 4694 (IDCF IDC ...)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
1 141.95.98.71 16276 (OVH)
1 2.22.32.24 16625 (AKAMAI-AS)
1 151.101.129.108 54113 (FASTLY)
1 198.148.27.140 19189 (PULSEPOINT)
3 23.35.236.201 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 185.64.190.78 ()
1 2 185.86.137.131 201081 (SMARTADSE...)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 2.20.157.55 16625 (AKAMAI-AS)
2 2 185.94.180.125 35220 (SPOTX-AMS)
1 1 23.88.75.187 24940 (HETZNER-AS)
1 2 37.157.4.23 ()
1 178.250.2.151 ()
2 3 52.48.107.84 ()
1 63.251.232.170 ()
1 195.5.165.20 ()
1 1 141.94.171.216 ()
2 35.71.131.137 ()
1 2a05:d018:d29... ()
1 2a02:fa8:8806... ()
1 66.155.71.25 ()
227 54
22    2606:4700:3035::6815:11fc (United States)

ASN13335 (CLOUDFLARENET, US)
filesamples.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
ezodn.com
g.ezodn.com
go.ezodn.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    3.66.136.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
g.ezoic.net
13    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
7    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
capi.connatix.com
cds.connatix.com
img.connatix.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
5    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
go.ezodn.com
basher.ezodn.com
id.a-mx.com
3    35.156.95.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-95-138.eu-central-1.compute.amazonaws.com
pb-server.ezoic.com
1    204.237.133.116 (West Chester, United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
6    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
2    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    213.19.147.43 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    198.148.27.134 (New York, United States)

ASN19189 (PULSEPOINT, US)
bid.contextweb.com
11    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
8    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
googleads.g.doubleclick.net
6    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
12    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
15    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
tpc.googlesyndication.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
ins.connatix.com
3    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    3.136.200.104 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-200-104.us-east-2.compute.amazonaws.com
capi-tier-1-us-east-2.connatix.com
4    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
2    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4014:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    35.158.166.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-166-215.eu-central-1.compute.amazonaws.com
pm.w55c.net
11    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
2    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
1    54.234.175.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-175-113.compute-1.amazonaws.com
fksnk.com
1    81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru
ssp.adriver.ru
3    99.81.70.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-70-153.eu-west-1.compute.amazonaws.com
match.360yield.com
ice.360yield.com
1    202.241.208.100 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    141.95.98.71 (France)

ASN16276 (OVH, FR)
PTR: ns3216577.ip-141-95-98.eu
id5-sync.com
1    2.22.32.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-32-24.deploy.static.akamaitechnologies.com
contextual.media.net
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
1    185.64.190.78 (None, )

ASN- ()
image6.pubmatic.com
2    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2.20.157.55 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    23.88.75.187 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de
csync.loopme.me
2    37.157.4.23 (None, )

ASN- ()
c1.adform.net
1    178.250.2.151 (None, )

ASN- ()
dis.criteo.com
3    52.48.107.84 (None, )

ASN- ()
match.prod.bidr.io
1    63.251.232.170 (None, )

ASN- ()
cm.adgrx.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    141.94.171.216 (None, )

ASN- ()
pixel.onaudience.com
2    35.71.131.137 (None, )

ASN- ()
match.adsrvr.org
1    2a05:d018:d29:3601:6b88:e1e2:688e:aa3b (None, )

ASN- ()
pr-bh.ybp.yahoo.com
1    2a02:fa8:8806:20::2010 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    66.155.71.25 (None, )

ASN- ()
pixel-sync.sitescout.com
Apex Domain
Subdomains		 Transfer
27 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
148 KB
26 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173
cm.g.doubleclick.net — Cisco Umbrella Rank: 191
googleads.g.doubleclick.net
271 KB
22 filesamples.com
filesamples.com
356 KB
14 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 3465
cd.connatix.com — Cisco Umbrella Rank: 3085
cds.connatix.com — Cisco Umbrella Rank: 3207
ins.connatix.com — Cisco Umbrella Rank: 4945
capi-tier-1-us-east-2.connatix.com — Cisco Umbrella Rank: 3823
img.connatix.com — Cisco Umbrella Rank: 3790
demo.connatix.com Failed
441 KB
11 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6133
csync.smilewanted.com — Cisco Umbrella Rank: 3720
static.smilewanted.com — Cisco Umbrella Rank: 10776
17 KB
11 ezodn.com
ezodn.com — Cisco Umbrella Rank: 7213
g.ezodn.com — Cisco Umbrella Rank: 53811
go.ezodn.com — Cisco Umbrella Rank: 7419
basher.ezodn.com — Cisco Umbrella Rank: 8935
235 KB
10 ezoic.net
g.ezoic.net — Cisco Umbrella Rank: 18202
14 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
acdn.adnxs.com — Cisco Umbrella Rank: 550
secure.adnxs.com Failed
30 KB
6 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 381
fonts.googleapis.com — Cisco Umbrella Rank: 42
745 KB
6 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 5121
1 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 358
mug.criteo.com — Cisco Umbrella Rank: 2958
dis.criteo.com
2 KB
5 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 416
ads.pubmatic.com — Cisco Umbrella Rank: 413
image6.pubmatic.com
image2.pubmatic.com Failed
simage2.pubmatic.com Failed
image4.pubmatic.com Failed
33 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3818
ice.360yield.com — Cisco Umbrella Rank: 1608
1012 B
3 gstatic.com
www.gstatic.com
14 KB
3 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 388
sync.search.spotxchange.com — Cisco Umbrella Rank: 492
3 KB
3 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 820
pr-bh.ybp.yahoo.com
706 B
3 ezoic.com
pb-server.ezoic.com — Cisco Umbrella Rank: 9548
1 KB
2 adsrvr.org
match.adsrvr.org
529 B
2 adform.net
c1.adform.net
948 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 494
dsum-sec.casalemedia.com Failed
2 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1374
417 B
2 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4358
sync-eu.connectad.io — Cisco Umbrella Rank: 2996
897 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 758
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 802
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 163
86 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 242
17 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1071
contextual.media.net — Cisco Umbrella Rank: 503
15 KB
2 contextweb.com
bid.contextweb.com — Cisco Umbrella Rank: 2423
bh.contextweb.com — Cisco Umbrella Rank: 529
1004 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 741
362 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 onaudience.com
pixel.onaudience.com
417 B
1 iprom.net
core.iprom.net
279 B
1 adgrx.com
cm.adgrx.com
408 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 794
229 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 306
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 6462
696 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 600
622 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1636
1022 B
1 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 12161
340 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4057
614 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1087
452 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1201
171 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4424
886 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
39 KB
0 rfihub.com Failed
a.rfihub.com Failed
0 e-volution.ai Failed
rtb2-useast.e-volution.ai Failed
0 adkernel.com Failed
dsp.adkernel.com Failed
0 bidswitch.net Failed
x.bidswitch.net Failed
0 taboola.com Failed
match.taboola.com Failed
0 exelator.com Failed
loada.exelator.com Failed
0 truffle.bid Failed
matching.truffle.bid Failed
0 tribalfusion.com Failed
s.tribalfusion.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
227 58
Domain Requested by
22 filesamples.com 1 redirects filesamples.com
13 securepubads.g.doubleclick.net filesamples.com
securepubads.g.doubleclick.net
cd.connatix.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
srcdoc
475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
googleads.g.doubleclick.net
11 cm.g.doubleclick.net 3 redirects 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
googleads.g.doubleclick.net
10 g.ezoic.net filesamples.com
7 csync.smilewanted.com 1 redirects go.ezodn.com
csync.smilewanted.com
7 go.ezodn.com filesamples.com
go.ezodn.com
6 adservice.google.com securepubads.g.doubleclick.net
6 adservice.google.co.uk securepubads.g.doubleclick.net
6 ib.adnxs.com 1 redirects go.ezodn.com
acdn.adnxs.com
csync.smilewanted.com
googleads.g.doubleclick.net
5 capi-tier-1-us-east-2.connatix.com cd.connatix.com
4 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
4 cds.connatix.com cd.connatix.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 ads.pubmatic.com go.ezodn.com
csync.smilewanted.com
ads.pubmatic.com
3 www.gstatic.com 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
3 www.google.com tpc.googlesyndication.com
475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
3 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 prebid.smilewanted.com go.ezodn.com
3 pb-server.ezoic.com go.ezodn.com
2 googleads.g.doubleclick.net 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
filesamples.com
2 match.adsrvr.org ads.pubmatic.com
475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
2 c1.adform.net 1 redirects ads.pubmatic.com
2 sync.search.spotxchange.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 match.360yield.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 www.googletagservices.com 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
2 fonts.googleapis.com 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
2 s0.2mdn.net imasdk.googleapis.com
filesamples.com
2 basher.ezodn.com go.ezodn.com
2 c2shb.ssp.yahoo.com go.ezodn.com
2 onetag-sys.com go.ezodn.com
2 capi.connatix.com cd.connatix.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 sync-eu.connectad.io cdn.connectad.io
1 pixel.rubiconproject.com csync.smilewanted.com
1 ice.360yield.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 cdn.connectad.io csync.smilewanted.com
1 static.smilewanted.com csync.smilewanted.com
1 bh.contextweb.com go.ezodn.com
1 acdn.adnxs.com go.ezodn.com
1 contextual.media.net go.ezodn.com
1 id.a-mx.com go.ezodn.com
1 id5-sync.com go.ezodn.com
1 tg.socdm.com 1 redirects
1 ssp.adriver.ru 1 redirects
1 fksnk.com 1 redirects
1 search.spotxchange.com cd.connatix.com
1 img.connatix.com
1 ins.connatix.com cd.connatix.com
1 prebid.a-mo.net 1 redirects
1 prebid.media.net go.ezodn.com
1 bid.contextweb.com go.ezodn.com
1 tag.1rx.io go.ezodn.com
1 hb-api.omnitagjs.com go.ezodn.com
1 hbopenbid.pubmatic.com go.ezodn.com
1 cd.connatix.com 1 redirects
1 g.ezodn.com ezodn.com
1 ezodn.com filesamples.com
1 www.googletagmanager.com filesamples.com
0 a.rfihub.com Failed 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
0 rtb2-useast.e-volution.ai Failed 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
0 dsp.adkernel.com Failed 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
0 dsum-sec.casalemedia.com Failed googleads.g.doubleclick.net
0 secure.adnxs.com Failed ads.pubmatic.com
0 x.bidswitch.net Failed ads.pubmatic.com
475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
0 image4.pubmatic.com Failed ads.pubmatic.com
0 match.taboola.com Failed ads.pubmatic.com
0 loada.exelator.com Failed ads.pubmatic.com
0 matching.truffle.bid Failed ads.pubmatic.com
0 s.tribalfusion.com Failed ads.pubmatic.com
0 simage2.pubmatic.com Failed ads.pubmatic.com
0 sync.mathtag.com Failed ads.pubmatic.com
0 image2.pubmatic.com Failed ads.pubmatic.com
0 cs.chocolateplatform.com Failed 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
0 demo.connatix.com Failed cd.connatix.com
227 91

This site contains links to these domains. Also see Links.

Domain
www.convertertools.net
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-21 -
2023-05-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.ezoic.net
Sectigo RSA Domain Validation Secure Server CA		 2021-09-30 -
2022-10-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
*.ezoic.com
Amazon		 2021-09-29 -
2022-10-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-03-24 -
2022-06-22		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 52 frames:

Primary Page: https://filesamples.com/
Frame ID: CD317E16F1E42BFDFA4AA226ECDEA602
Requests: 94 HTTP requests in this frame

Frame: https://cds.connatix.com/p/164672/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Frame ID: 3B0C25F8BF0139AC910211A61F0FC9E0
Requests: 16 HTTP requests in this frame

Frame: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 98BAF63D587881FCDB9F61A5EF6F48C0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EC8D738A182D8A8A09C5C24ADBDC9404
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D84918A226FA050490AD220B04AB215B
Requests: 2 HTTP requests in this frame

Frame: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Frame ID: FCE4D7FCBDBAD5988D85F68035452222
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: A2FD3B4B998276E6AEB46EB41ADBAF12
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: D72B7559F47DF33ED9816959926552E6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: B5A35604D6017733C96F8EF71E403629
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2BCF4A33F57E84E2DE16C113E1206E7A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 56A94747CEB5BEA5A0A00C3E952AB3D6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5CBA3E2E7B2B5CD8ECD7C7661A5A19F7
Requests: 1 HTTP requests in this frame

Frame: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2FE3EE71AB92EBE2A633E2154E4509F6
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 58F342B2FC41B498EA624E5506C230C6
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1EF90ADB85F9D476A571D47F3EDC64C9
Requests: 9 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 7B70BB8A3EE478B099CF17325ADE0FD7
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C3010%2C241%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C182%2C141%2C262%2C222%2C223%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: DD5EA088FFAFAFFD42B67407C5940F96
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 950ED07B79619EAC41F3EEAACEC618FB
Requests: 3 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 7B3A76D82D0D8F9FBC6509374181CF9C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1654122361141
Frame ID: 638CE901721191273CD4087D99328534
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Frame ID: C00602BEEA56623D8D818A108681E13B
Requests: 20 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 8C8355E5E7BB95F3ACDDA987492D3387
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=1246f00bc599c2aa49df0325cbf463f4
Frame ID: 580638C2400A235D2DA07DB6DE617FCB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: BCCBD00A812933EFC0062232B49F5D95
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: CBABA0B1774303CA5FA17CDFAD852E2E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/66ac07d0-00ba-492f-a3f2-14998ce77f4e&partner_id=1010
Frame ID: 0B2EC642D17564FFAFD629742FD074C4
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 7A77B2F87D49D56F2426A7B424716946
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: FA28DEFE735DF8F53A343901A00981A7
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 71EFC0082B7F17D1C3D252A2E6801DA4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YpfnfgzS7IYRVMaPrW1apgAA%26694
Frame ID: EDAB8931D2E42A818FE0997A3877A849
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/d402e827-e1f9-11ec-be47-1a3233820406
Frame ID: 02BFA586815FDEAA235C08D3FC032D38
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/loopme/ed6e8550-c119-49dd-9032-fd8054cf1f2b?gdpr_consent=null&gdpr=0
Frame ID: 518AB0E506FBD5E9ED4AB0713985ABC5
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=500996E2-3BB5-4B16-9311-9572A3A2A6EC
Frame ID: 390534B6DEF6C290EAB3018273A12900
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3281478612038668457
Frame ID: BA694B4824032700B71725E00AB21A59
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 8306D2F61E544A09D27A94E6B4660EA2
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E869A4CF863648A7F8A4E5446150838C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7104401465567672472
Frame ID: AC962EE982D2BBFA94A1BE70D08D2177
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=7uuAVPiyTFl5JzezVVusB9mKxGk
Frame ID: 96C429CDD82617DA755B53BE8187B224
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YpfnfgAFwr7OYgAo&gdpr=0&gdpr_consent=&_test=YpfnfgAFwr7OYgAo
Frame ID: D10A93D69C97A98A40E22F7036F8B9EA
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 2EA2728792923DC1236BB529AD57D372
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B95F72ECAA24851561B747128B0C3F2B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 67C8556F05F15C1CAA4510CC8C3A6913
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: FC216BB292119B4A747E0F58D8476140
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: C4946F7AB8F01313866A40DFBB989AF9
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 69437ACB47097388EBA76BEC91874C4E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: E052916F31D9A03D2A1943A066B54984
Requests: 1 HTTP requests in this frame

Frame: https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DHHt10NrrgjTXTWMXRXVnRUaM
Frame ID: ADB59A8FCD0B1092D3824D50E9FE7342
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=307da0ad-64fa-4e88-9948-6ee385607b41-tuct9916cfe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 8A8701C6FE40689DD520920C36886101
Requests: 1 HTTP requests in this frame

Frame: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EA24FE204D2EDB415FDC7F10619FB678
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYzY6AvwEwAQ&v=APEucNXfgaiGWRtpfVElIlmnwTf7miAoJb1z7uNAnAQMd-oF-EQQUUkQgBi2HTZZ727PKG9Wnm6rWViRBtihUGl2tle_tbcqK1IZ2CfF_zmo__DbSlaHXQ3eAoRMHhE8UIM1bcxf8eZDdDuA3kLTSzZ9NEE3KhYHZjUDIpNwyHdu74U-Hx0A-uR2I2d24k2c0646SGepodG-fmw_uNU0-z1NpfvueVHqPg
Frame ID: F23B70F04DB3273F9E3EB3F717A3CC71
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D49243F32CCC2332C17CB540731863CA
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 96EB984EDE1A764FB31C89B3DDE59C47
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free File Samples to Download - 185 Types Available

Page URL History Show full URLs

  1. http://filesamples.com/ HTTP 301
    https://filesamples.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

227
Requests

78 %
HTTPS

30 %
IPv6

58
Domains

91
Subdomains

54
IPs

9
Countries

2494 kB
Transfer

7595 kB
Size

49
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://filesamples.com/ HTTP 301
    https://filesamples.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 HTTP 302
  • https://cds.connatix.com/p/164672/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Request Chain 50
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
  • https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=e2eb1153-2134-42a3-b252-dae82c19a18f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 110
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENAQ3_x8c7nKe3-ZwmshqZQ&google_cver=1&google_push=AYg5qPL-uzaX70CqZQzWep8NHYYWWqvr-t_dRJ7CXqKkn_225IyNsfPtkYL_UNFdfyxZQPJPIpvVwK_D7kEwTWCpm7A58hljCOMl HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENAQ3_x8c7nKe3-ZwmshqZQ&google_cver=1&google_push=AYg5qPL-uzaX70CqZQzWep8NHYYWWqvr-t_dRJ7CXqKkn_225IyNsfPtkYL_UNFdfyxZQPJPIpvVwK_D7kEwTWCpm7A58hljCOMl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d25ZOHprNjcxTld3TVc1&google_gid=CAESENAQ3_x8c7nKe3-ZwmshqZQ&google_cver=1&google_push=AYg5qPL-uzaX70CqZQzWep8NHYYWWqvr-t_dRJ7CXqKkn_225IyNsfPtkYL_UNFdfyxZQPJPIpvVwK_D7kEwTWCpm7A58hljCOMl
Request Chain 111
  • https://um.simpli.fi/gp_match?google_gid=CAESEBe0tb6kFE0x2v0amUhFxN0&google_cver=1&google_push=AYg5qPLhjGW6Ssew5N5gGHbuI1txK5HoefvOZv94ZYrQopMLLpiGdeqMBMDUUjqp4r7YiuZ6lNa3LDjrqU3vW1puQp23n0jASgD- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD9AB5622DEA4E07A7260A599D6F3250&google_push=AYg5qPLhjGW6Ssew5N5gGHbuI1txK5HoefvOZv94ZYrQopMLLpiGdeqMBMDUUjqp4r7YiuZ6lNa3LDjrqU3vW1puQp23n0jASgD-
Request Chain 112
  • https://fksnk.com/cs/google?google_gid=CAESEIOO0rNjhiiFAAGjfvEmCD8&google_cver=1&google_push=AYg5qPImGwpp3JcCF1Wi48fqv_wyFfYlvgww2Kppcw_gHPAU9hQKKp7sbybG3dZml_OFnG25z6rVUlMWld0-9udLa8yPPtkAXM9n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MDBGMUQ1QTIyQ0EyMUJBMQ==
Request Chain 113
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEMGG5siZzULgvm8oIl12DNI&google_cver=1&google_push=AYg5qPIYgr2K7go9vfNr8YmAYoTowPkf-3kk1-pFkUJvibBnOkeeVUyKypAFa6esVSljtQJqjVeg6C3fSSNeSMy_CEETydmf47tw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIYgr2K7go9vfNr8YmAYoTowPkf-3kk1-pFkUJvibBnOkeeVUyKypAFa6esVSljtQJqjVeg6C3fSSNeSMy_CEETydmf47tw&google_hm=QW1jTXhkb0xzcU9Fd0hqaXQ0VFJSU3c=
Request Chain 114
  • https://match.360yield.com/match/ebda?google_gid=CAESEMuQXt1xZFuKyHlyQQ8w4zk&google_cver=1&google_push=AYg5qPKWIp0GxEYb4RBujzuWMhm5VFzmzTG1WBbhfr47SO3vObVYDUy4YP-TwLWXpzghjc_iCQUMsE__dlLlzUhGEpvA7txnEcWg HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMuQXt1xZFuKyHlyQQ8w4zk&google_cver=1&google_push=AYg5qPKWIp0GxEYb4RBujzuWMhm5VFzmzTG1WBbhfr47SO3vObVYDUy4YP-TwLWXpzghjc_iCQUMsE__dlLlzUhGEpvA7txnEcWg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZqwH0AC6SS-j8hSZjOd_Tg&google_push=AYg5qPKWIp0GxEYb4RBujzuWMhm5VFzmzTG1WBbhfr47SO3vObVYDUy4YP-TwLWXpzghjc_iCQUMsE__dlLlzUhGEpvA7txnEcWg
Request Chain 116
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEJAgsYl2dpwsNhFeJzJhKaE&google_cver=1&google_push=AYg5qPJiOpTUhNJMO8tG62rY5utSk1RhJUJ_HTfvGHXZIPnNddmWm_jnm9wXUVHAWYim6cm-UvPgIek5DAl-JiTPNS1uPpPMx4D- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPJiOpTUhNJMO8tG62rY5utSk1RhJUJ_HTfvGHXZIPnNddmWm_jnm9wXUVHAWYim6cm-UvPgIek5DAl-JiTPNS1uPpPMx4D-&google_hm=WXBmbmU4Q281c0VBQUVQaVZ2VUFBQUFB
Request Chain 129
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffilesamples.com%2F&domain=filesamples.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=yahAdnwvVGlRVjF5cE1tcEZiWnFDNGVBMTF5OG9JUVg2Wnh1V0dDK0xaMEk5OThqYUtlL2FkVlNhZ05BblpTUjJuR2V0QkNNNW9mM1Exei9SeWF4d1hNQzR2b0RkMnV3b1YrSkdaU05hZWcwZG1NWllwQllGOThOVkJsRmc1OFMrdnRzS3Ixc0tRYjdoVU92NHdnWHNjeFRvOEFueUJDOVFiOVhkVCsza3BoZ1pVcmdBelVQR3EwTk8vQ3VxazhNWGpXdXA3Z3YxaFBXRzAzMG1ISmp0THN1SnBpeGdyYVYrY00yQVByeWFrOVNsRkhJPXw&cppv=2
Request Chain 141
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=1246f00bc599c2aa49df0325cbf463f4
Request Chain 144
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 146
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/66ac07d0-00ba-492f-a3f2-14998ce77f4e&partner_id=1010
Request Chain 150
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YpfnfgzS7IYRVMaPrW1apgAA%26694
Request Chain 151
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=d402e875-e1f9-11ec-be47-1a3233820406 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/d402e827-e1f9-11ec-be47-1a3233820406
Request Chain 152
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/ed6e8550-c119-49dd-9032-fd8054cf1f2b?gdpr_consent=null&gdpr=0
Request Chain 160
  • https://c1.adform.net/serving/cookie/match?party=14&cid=500996E2-3BB5-4B16-9311-9572A3A2A6EC HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=500996E2-3BB5-4B16-9311-9572A3A2A6EC
Request Chain 161
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3281478612038668457
Request Chain 164
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7104401465567672472
Request Chain 165
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=7uuAVPiyTFl5JzezVVusB9mKxGk
Request Chain 166
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YpfnfgAFwr7OYgAo HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YpfnfgAFwr7OYgAo&gdpr=0&gdpr_consent=&_test=YpfnfgAFwr7OYgAo
Request Chain 167
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGNk8wN0ZMODhBQUZOdW1KQUdOZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 169
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 170
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 173
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1654122366628 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 174
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DHHt10NrrgjTXTWMXRXVnRUaM
Request Chain 175
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=307da0ad-64fa-4e88-9948-6ee385607b41-tuct9916cfe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UAmW4ju1SxaTEZVyo6Km7A%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 178
  • https://pixel.onaudience.com/?partner=214&mapped=500996E2-3BB5-4B16-9311-9572A3A2A6EC HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTAwOTk2RTItM0JCNS00QjE2LTkzMTEtOTU3MkEzQTJBNkVD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHxwh-VkYQxWsSZw_o_-3bE&google_cver=1
Request Chain 182
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2515579688149388883
Request Chain 184
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1305826402125705105&gdpr=0&gdpr_consent=
Request Chain 185
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bO2y6D_ovLp35u7pbL6muzzu7e13u-3naO8H4YD4
Request Chain 187
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=500996E2-3BB5-4B16-9311-9572A3A2A6EC&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=500996E2-3BB5-4B16-9311-9572A3A2A6EC&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xvvdOYtE2uVCQc0SLs8yztLxlHmz8fA-~A&gdpr=0&gdpr_consent=
Request Chain 188
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 190
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3186348006765209032&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 191
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:47e27b2e-c894-46a6-8c88-2e43460ee3c8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 193
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEF8avARainHieiVzgB0lfI&google_cver=1
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL0sszhrNOiujsHkX4H2tF8&google_cver=1
Request Chain 213
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwNTgyNjQwMjEyNTcwNTEwNQ%3D%3D

227 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
filesamples.com/
Redirect Chain
  • http://filesamples.com/
  • https://filesamples.com/
117 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c4e6cb2e31f51081fbac3c2943b118b4ddc3b8cbf243c8fa438d0065b4688db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
714b5e4d7f2159d1-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 22:26:00 GMT
display
pub_site_sa_sol
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Tue, 31 May 2022 22:26:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed
off
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHR12R6qhJu77NZGRIAaJ7qYGVjsSeJLKZGzAXETqB1iGXd6wQty6aZ1yb6AfSxnDyr1vPC2009efDW8gkM2bPUohwvrZAdWdndUoNB64f7G%2BTSqiXV%2F9c1%2BC53xLkthcreop2nK7DWFJAy2%2Fyw%3D"}],"group":"cf-nel","max_age":604800}
response
200
server
cloudflare
vary
Accept-Encoding User-Agent,Accept-Encoding
x-ezoic-cdn
Hit ds;mm;e9310c534d998708910b1bf11118630d;2-176527-2;e298507a-925a-4f2e-4ca8-472ece0ddd23
x-middleton-display
pub_site_sa_sol
x-middleton-response
200
x-origin-cache-control
no-cache, private
x-sol
pub_site

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
714b5e4bca1b59b9-MXP
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Type
text/html
Date
Wed, 01 Jun 2022 22:25:59 GMT
Display
staticcontent_sol
Location
https://filesamples.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pagespeed
off
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FLqKvXu2qpRAuJOvV1Q1obMtRLFkGH%2FTR3FWFPV%2B5QgZlSgmfWaslVTZ%2FLbrbLnzcN9a3WmyekKoAKV7DXg8W5oE5hE8D9Pz2FoD8TJP1MWT4UpVTSu39oInD4kpEEuCMSw%2BWPBDSow0rz2Pno%3D"}],"group":"cf-nel","max_age":604800}
Response
301
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding User-Agent,Origin,Accept-Encoding
X-Ezoic-Cdn
Hit ds;mm;a5b43c715634a078e793fe6efb8d1e9e;2-176527-2;dafff0dd-3fa3-4a6c-5b8e-52101b756380
X-Middleton-Display
staticcontent_sol
X-Middleton-Response
301
X-Origin-Cache-Control
X-Sol
pub_site
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.css
filesamples.com/css/ 		134 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/css/app.css?id=2606f4ee2210f66ed40b
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8866434080a80329d0fcf99f32c9125b0ce75612ce93741ab3e6051b6e22f2e9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
vary
Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status
HIT
x-sol
orig
age
28565135
x-ezoic-cdn
Hit ds;mm;b8a1e90a61987660a5843d1aaf5ce472;2-176527-2;b3bf2ea5-dd33-40ee-59d0-3bbc9c0a6efe
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Tue, 29 Jun 2021 16:36:38 GMT
server
cloudflare
etag
W/"6095aebc-219e7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUKWyQVN1eUVBV5rLs%2F34IQXmhz%2BOhMlLWL9cgTJIHHkojG9hbkcCpw2u0xWtkHavLbybYoJyk9BwM0Miz%2B4UkWAu6So%2F4qrcdrgCEgRCos%2BICaLpv6Cfobm3BPNJ3X6Xq6EZ8Z54Gb78Yv8bqU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
714b5e4efb9259d1-MXP
display
staticcontent_sol, orig_site_sol
js
www.googletagmanager.com/gtag/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-154360290-1
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2d50a8461b202821e22627b6e39b548afe6c5ea22d95be316ccb970c1ddb9fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39623
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 21:58:52 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Jun 2022 22:26:00 GMT
boise.js
filesamples.com/detroitchicago/ 		983 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/detroitchicago/boise.js?gcb=195-2&cb=1
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Jun 2022 22:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qv2f0EK71BPPs8498eZzcBud8JPQHceSooN5qIRgcbY70YTsK3y2f6uXJ4x8xpKMjnsQBAbp3v2E8cvU0XI8bBZdMpszspJNFXm3%2BGoxDMGU70JGB48I2nKuPMeqpJ5I80by4aMSgVaLTPRA6F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e4f7d970f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex
memphis.js
filesamples.com/detroitchicago/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/detroitchicago/memphis.js?gcb=195-2&cb=14
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e34ee9c29fca0e065bf19aefa870945e9d47cb92df2ecd332e0466b686d69d4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Jun 2022 22:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BQwTeqdsR4g3mE5RL7e0V52dgtuVgMisiydX4q7Hjk2Lx%2FCm%2B5oEBgwbGZL45GdVrF%2FdlIK%2BSruwFW3R8EddWyBe2g4TsI14aNVTMBxxxvnbh0ut%2FRWn3S8pRs0kXYOfBsFiiUkTUSQGTunJoI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e4f7d990f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex
minneapolis.js
filesamples.com/detroitchicago/ 		864 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/detroitchicago/minneapolis.js?gcb=195-2&cb=3
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Jun 2022 22:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m76N0uGOSvUfTxAys4g4G4B76caVDQ9oVyNXSAivozpxw%2FQuk5576pTRg59PpmgCVy%2FmKM8sMRpyb8lyOXd08bQEiZxb7fhAg4hpMrT%2BMHl0rtrYzfoBVTBLoIq%2FnPT%2BOxP1H4KA1M7Ph43wR44%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e4f7d9b0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex
raleigh.js
filesamples.com/detroitchicago/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/detroitchicago/raleigh.js?gcb=195-2&cb=5
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69dfe383fe0ef66df2c8de098fda546a826801c150ec22e7e09b8020b221dae

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Jun 2022 22:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qTn2%2BwVWZmDvDpPin%2BOcbJSP7QxqyMdBbd4Tmvr0t%2BRYFnMwzLBrhTV%2B%2BSEslgoFgsUwWYhmgJjyeLz9u5z9uKXBBqphs0REVfyZR%2BqcKHXWFdkW6N6F9XOYj%2F8yZHjcIolGEnFvfmMB%2FyvVWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e4f7d9c0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex
tampa.js
filesamples.com/detroitchicago/ 		955 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/detroitchicago/tampa.js?gcb=195-2&cb=4
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d4af0388e203196017340fee6ff0513441d72eda6f69f5f2b3878b1ea980717

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Jun 2022 22:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5Slpc%2FQnYDnipH7ZCl3IoNAbd6cDLONjLS1hdmCrF%2F0oDNvGDlpN%2FHkJmnWUrdJ%2F%2BlTcJRktKhb9zCCUg%2FDJuZTV6Y5BdUUgmsk8Ms3DvX98ND2kQxTbd%2BE3FTnKTIFoKqxBnAWVGNPNYRLBw8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e4f7d9e0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex
tulsa.js
filesamples.com/detroitchicago/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/detroitchicago/tulsa.js?gcb=195-2&cb=5
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
636e5f5b2eebe0800656a171c6ee9d34ee67cbae3d745983c48d4a5474421d53

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Jun 2022 22:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgEY8qRELBaHIvDAjPxHYyXJo3MACXInKFnycbs2UE%2F3OSwPHzp2JGYNzAQTvzFVeyDliz%2BgYss8vDolDjMykNWIECaH72UYRr92tpenGaBpuFKuiIj5WIX2jrzCeidQsJAHN9oXlVMXczHpsGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e4f7d9f0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex
app.js
filesamples.com/js/ 		409 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/js/app.js?id=470abe2814b3a3da045f
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
849c430c31cceb0455b9cdc506aaea6d1a482fd01bb964acf22685a79a5649a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
611725
x-ezoic-cdn
Bypass
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-origin-cache-control
response
200
last-modified
Thu, 19 May 2022 18:31:00 GMT
server
cloudflare
etag
W/"6095aebd-663fb-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJ1VbMocT6L5kt0pLcLZyE3n5Q708MusiTm8Lr6d7VHzjmgn7Mqg6LSgRmPnnvYKoEyx8H4yb9AwqZ5RNqcAtZIQiKW4a3267DWInB79ZaKWYlodiBZumWjiWUdPDPbPtCegXh%2BPYxmbu9OBTbY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
714b5e4f1bd959d1-MXP
display
staticcontent_sol
altconsent.js
ezodn.com/cmp/ 		396 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ezodn.com/cmp/altconsent.js?v=9
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4adb3837e4411342aa9b52dafd1646c32196b17c56c5420b77b9abebebe0f4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 Mar 2022 02:01:42 GMT
server
cloudflare
age
454846
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpQCbSZJXdkpUgHVztTlRUUrEhTHUhK5ERX16omBdjcGdp7SSp9smTXS4dB2muo2zVwlvzAmntiPcw0TeFEBn2dwc9rYVBIA0kkq2fHui0D5q%2B06ms4omyUzIHwmh%2FAhxTEba7dVcQw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e4ffde483ba-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ezcl.webp
filesamples.com/utilcave_com/inc/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/utilcave_com/inc/ezcl.webp?cb=4
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
BYPASS
x-sol
middleton
server
cloudflare
display
staticcontent_sol
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEEclS2ZLrZuVWqc8BgfDq6pBCAiXt%2B2GR63LwJ%2Bp9Mc%2BNn5tMknoK7CW0%2F6sDFZS3JIVbTq4GjML8kaapakK5OEK3mZDaq3vU4NnTmEj5IUtHGWH734Xb2%2B10erUS%2FtFrTg57c9gefGIdIIrFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
staticcontent_sol
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e4f7da00f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo.png
filesamples.com/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filesamples.com/logo.png
Requested by
Host: filesamples.com
URL: https://filesamples.com/css/app.css?id=2606f4ee2210f66ed40b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207fec9ba245692b4c407e8da8951095a287b8d40db9b0a852a4aca07c6a3855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/css/app.css?id=2606f4ee2210f66ed40b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1645
x-ezoic-cdn
Hit ds;ds;84ff139ef9393aacf6db596f30ecb4ed;2-176527-2;85d526e6-5392-49c3-5f0e-80fa154dee6a
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-origin-cache-control
response
200
last-modified
Thu, 19 May 2022 18:31:00 GMT
server
cloudflare
etag
W/"5def0a8a-5312-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGCGTq6v%2FstyZLgULhWAyOL6Da8%2BtkKDcxOp2GdDN3JJ8A1tkud%2B5qa%2FiLdbHjkhOteoANI8ns7nlQbBzeKchTIfXI83FO8tV7v5rg3JMP3nuc%2Fjd3N2kIhpmkhFz3tb8P7fOwpZCAZ97GiDMMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
714b5e4f8dac0f82-MXP
display
staticcontent_sol
webfa-solid-900.woff2
filesamples.com/fonts/vendor/@fortawesome/fontawesome-free/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?8e1ed89b6ccb8ce41faf5cb672677105
Requested by
Host: filesamples.com
URL: https://filesamples.com/css/app.css?id=2606f4ee2210f66ed40b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Request headers

Referer
https://filesamples.com/css/app.css?id=2606f4ee2210f66ed40b
Origin
https://filesamples.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
vary
Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
232666
x-ezoic-cdn
Hit ds;ms;5f97c21ede57be4dd85256ba94683ca7;2-176527-2;e244c408-b442-453c-65b8-9f302e13f759
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-origin-cache-control
response
200
last-modified
Thu, 19 May 2022 18:31:00 GMT
server
cloudflare
etag
W/"5def0b1f-127d0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://filesamples.com
cache-control
public, max-age=2592000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZeZtQpUPexvk3AYRkxpkMnXkmBm2h8hd85gFO7unb4gMPk127MyFtEt0PeOdPm%2FMgzbxxqDH1su9PWbbpwYZr4KQjCokrjU0IJKYV8OB4%2F9k4Jt8LluUY7Q3h4gAni2ecWbl69VkbodTqW3PLY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
714b5e4f8dae0f82-MXP
display
staticcontent_sol
logo_footer.png
filesamples.com/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filesamples.com/logo_footer.png
Requested by
Host: filesamples.com
URL: https://filesamples.com/css/app.css?id=2606f4ee2210f66ed40b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b82ea470ebc8fc2c91d93a6bc279c1ef1e304cc66e97bb5ce77371bd0e8795

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/css/app.css?id=2606f4ee2210f66ed40b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3687424
x-ezoic-cdn
Bypass
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-origin-cache-control
response
200
last-modified
Thu, 14 Apr 2022 18:12:37 GMT
server
cloudflare
etag
W/"5deee793-7132-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlZvKpLkn75bLnud%2FSf5brbIOYN6suTKlOlKFhHw3%2F6q8wQMgunIKqsHhHL%2B06nfpKwzcnhmPEaW8WeerzNVNfIjILjQZgq9fgTkmhEf1T8KYMGvptNPppr5qIJzfKMO9Hsp%2FlBiVyfyeeJdIV8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
714b5e4fadef0f82-MXP
display
staticcontent_sol
jellyfish.webp
filesamples.com/porpoiseant/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/porpoiseant/jellyfish.webp?a=a&cb=195-2&shcb=34
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa7bdac43a2bedabe35a56d982b3ce99cdfc5cb359d6eef5feb14d472b6c98b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Jun 2022 22:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyamfcM3%2BN3P83zn9ZJzE93POz82tCzKV536ft3t12d9Stz2pKWOEEBwgU9idSkd6omv4gw4pxgHb2C%2F1GQJoNDSe1Z2mdrVEmWSmrATDL3ICcvAZW5UhYd2fprjb2b6Yqlk9%2B1CSsNsMBekpfI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e505ec70f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex
drake.js
filesamples.com/beardeddragon/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/beardeddragon/drake.js?gcb=2&cb=4
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb69f440fa1cce53b1205d707aae594a5d3d318fc2a53d92bd6901399e78e886

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Jun 2022 22:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKUoN%2FdMKHwZtl2a94HMGj0rK7gIR2HXTB%2Bm7PPSl%2Bo0DAKw%2F8sfyjda28qG43EFOOS88BAPqSN0vBSvGkTqDPdkGtejbEMj%2FyJ5t9%2FKLid95nPuaVMh88lpEfgbkCsufVujMuU4V2vilCFI8IY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e505eca0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154360290-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3074
date
Wed, 01 Jun 2022 21:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 01 Jun 2022 23:34:46 GMT
rochester.js
filesamples.com/detroitchicago/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/detroitchicago/rochester.js?gcb=195-2&cb=12
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60336c13eea75c96878f24585b6f20a843e7ce7fd3f23af03f6ccad8d9119690

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Jun 2022 22:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PzKa2FVlcFOxqWkFvrUzeTudnotkT62WLkF8UaTCht8zpCh7IivrRBNJbGPlGCW2aV2I9jv4AMrkUzmHHTdKcGXVVxjAArDix0x0VTdrD5EpXX0inswj3h9ZXWgJtml7kp0mf%2FjrJ4ctZTLrls%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e506eda0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex
edmonton.webp
filesamples.com/detroitchicago/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/detroitchicago/edmonton.webp?a=a&cb=195-2&shcb=34
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5d9c9f6bbfd42b7c3c63a20fb54ba49978b53f6b981fbabe4d56dd90b2b44ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Jun 2022 22:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LELm4zLUhSThpYb4xvbtU3tkEp60QlVpmqIcYojpSCyXzwmnKsV5YoJ8AS0TkYpTzRyrt7e9k8MbgpmfW4HkhhsgzXnu0C2GNXQT7PdUUfvvkPXicjO8vSU9mIVqxeBAeV50tM8pGU0lXIi1sGs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e506edb0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex
vitals.js
filesamples.com/tardisrocinante/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/tardisrocinante/vitals.js?gcb=2&cb=3
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d839b193eba1dd4578cc90dfe2fe6edea552e807f65af9e79780a58d0ad9b1bb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Jun 2022 22:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySHI6DIcE3f3dD%2B1nuykn10hkvMdWTIeHrdD2TmDM0CA7hUOlBNrRx51Ik6qrZKBex6BJoYJ8GF5Sii8LYcOLzezwqwNU9mQZzb5I5VZ6x2N3oLZNAvPD7U%2BvSlZ1dUVNcpNTWBaR6qu2PFkSW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e506edd0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex
style.css
g.ezodn.com/cmp/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.ezodn.com/cmp/style.css?domainId=176527&version=9&cv=5072A7ffffff000000
Requested by
Host: ezodn.com
URL: https://ezodn.com/cmp/altconsent.js?v=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e275bd1de537a8ed650f200415166cf98157ca6684ab92e17110604260d5066

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 14 Apr 2022 18:12:37 GMT
server
cloudflare
age
45056
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWXtdb53nD3Vh3KwtP0ScQ5ZDwBMz%2BrWxqUlFlmR8AnCq8amT5IrSKTZ%2Bkk5V5D0XD9FKHiim%2F4t7zxaEqKMJhy5uhemZmppdNEQFp0LBNYLK5UQUQy65F5stNs%2Fz05H33HiPv3CKpY42Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e5138f183ba-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
safa.go
g.ezoic.net/ 		48 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/safa.go?url=https%3A%2F%2Ffilesamples.com%2F&wc=133&ez_pwa=0&scriptsLoaded=false&dps=false&dpa=false&group=0&t=%7B%7D&a=true&rpg=true&pc=[{%22id%22:121,%22size%22:%22970x250%22},{%22id%22:137,%22size%22:%22336x280%22},{%22id%22:100,%22size%22:%22728x90%22},{%22id%22:6,%22size%22:%223x3%22}]&fa=true&uh=false&abt=mod96&tid=134&tname=pub_site&ltcl=0&bw=false&wbr=0&ref=&npv=true&msn=-1
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c33a373d4022f0feff7d405cf9d1870448ea7f6f3661a7f6fe4f12fa6085ed10

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://filesamples.com
access-control-max-age
1728000
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
expires
Tue, 31 May 2022 22:26:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=55930572&t=pageview&_s=1&dl=https%3A%2F%2Ffilesamples.com%2F&ul=en-us&de=UTF-8&dt=Free%20File%20Samples%20to%20Download%20-%20185%20Types%20Available&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1584805216&gjid=1402636573&cid=110614979.1654122361&tid=UA-154360290-1&_gid=1675769847.1654122361&_r=1&gtm=2ou5p1&z=405097949
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ui-icons_777777_256x240.png
filesamples.com/images/vendor/jquery-ui-dist/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filesamples.com/images/vendor/jquery-ui-dist/ui-icons_777777_256x240.png?40bf25799e4fec8079c7775083de09df
Requested by
Host: filesamples.com
URL: https://filesamples.com/css/app.css?id=2606f4ee2210f66ed40b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e75b27211e16fcf94715168001bb7055ca376d46f928110ba3d0825232452e5a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/css/app.css?id=2606f4ee2210f66ed40b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
138498
x-ezoic-cdn
Hit ds;mm;0e6d6714c8e0010020ff31e755b1939d;2-176527-2;44835e56-f526-4ab9-4068-255610e394d8
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-origin-cache-control
response
200
last-modified
Thu, 19 May 2022 18:31:00 GMT
server
cloudflare
etag
W/"5deee78e-1b65-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAyjWaKvHweYQSI1PdVuZwENoXcpjxbuRIh1haw5eT43oPE4NWvi5ozDwGzVL1Zh%2FjckMRoWTYYdor67gvdK2u%2F12coyAmn%2FXjUnjimyVy32CafdBUXmM5W74nCtsBksOu5dPXABwPnUjkTzlVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
714b5e5168940f82-MXP
display
staticcontent_sol
tortoise.js
go.ezodn.com/beardeddragon/ 		2 KB
955 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/beardeddragon/tortoise.js?gcb=2&cb=3
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565c527fe8f92c8a9eadddf2a0e16eb40bbff31298fc67064f090e515f882b6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1048261
cf-ray
714b5e539e4f83ba-MXP
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 20 May 2022 19:14:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bq6ylDgG0fmEYMynIteL09yflVGMqWPl7FhoDpw5rBnXaZ8K1S3BO88Sd3udrgYRYQRIrjnclTE00iAIXogNUtN7o4s7ZA9jeZ2sTVJ0TI0Y7cPSSP8LcEGQtcER5iFbZK4z8tnR78ojJIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
anchorfix.js
go.ezodn.com/detroitchicago/ 		886 B
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/anchorfix.js?cb=195-2
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a19643aa47aeee6f664e5b4f825b784ae76b84eacbd8dab2ef588d4f6c9c93da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13900537
cf-ray
714b5e539e4583ba-MXP
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 23 Dec 2021 01:10:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1ioK8%2B4odQJanCSQSM8qjXUDYDP%2FnHiMg%2FrikFlxB9FkcpgeKB1e3exbPcTY%2BkQigsRfGPvQ193x3NU60Cyr707Eh%2BJz14kesaYLagKMgUozckjHaFvTqICtWVR0sPMam6e3q6kZatcdO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
houston.js
go.ezodn.com/detroitchicago/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/houston.js?gcb=2&cb=17
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
559539863676ce8b7493956a42958ab940d9b1fe8587e23d56832a56d8369dc3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4333734
cf-ray
714b5e539e4e83ba-MXP
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 12 Apr 2022 18:37:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEGEd0bPQCOrAP%2BGxQ2I8Now2X8tUCLKF3qawpSk4OMRmkCnqS7GELvD1yB6neeQWROYyDHG%2FcN%2F5LL%2B1Vo%2Bhsoq%2F9DlEArilCxLB%2FMQWmGjsTDTNL6rjVpWoIAiLmBt9LaWoL5Jz7L7RqM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
dall.js
go.ezodn.com/hb/ 		366 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61ac55e97345cd64e16215841139f999e2066f531793a962e2e29ec99472ff6f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 May 2022 21:41:17 GMT
server
cloudflare
age
1125883
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FeXbuSc5gs1oW32ylU%2BRauar0wZ7fW%2F9DbLWz4A1rliDDsuzVByhfLUGkYksEPHl%2FFAPNy5jvz2XYmEb5bbixUXMNUxnYGSMa6xsLr58ZoMTX8aIeaPRez1FD7Un6KMOTGHnL2FY0Ikl%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
714b5e539e4983ba-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
a8faea04d91809f1f51bef23bb1680dafc6589c3539ba4bfb249c6cd6b4f5f25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28116
x-xss-protection
0
server
sffe
etag
"1232 / 711 of 1000 / last-modified: 1654121096"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Jun 2022 22:26:00 GMT
banger.js
go.ezodn.com/porpoiseant/ 		54 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/porpoiseant/banger.js?cb=195-2&bv=116&v=58&PageSpeed=off
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
240645802d5b3baf51f7c4a3b8b25d41f7101c2ca6b8029d048f9309571ae421

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
606256
cf-ray
714b5e539e4b83ba-MXP
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 25 May 2022 22:01:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnc%2F4o8Iro6NrUTw7ElaJUQa9W4wPcyaolOATuNx%2BrbbiTKyTL4lI24RMcPEPxf5fVIbKfDaPUz9ifxgbBzEZDO%2BH0ZDAa%2FML7lDxH%2B8nvqiAQF67Qr46p%2BpKubWVwkcW2XPDcSHyp5yd3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
imp.gif
filesamples.com/detroitchicago/ 		43 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://filesamples.com/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod96%22%2C%22ad_cache_level%22%3A0%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A101%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%221%2C4%2C5%2C6%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A3%2C%22city%22%3A%22Manchester%22%2C%22country%22%3A%22GB%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A0%2C%22domain_id%22%3A176527%2C%22domain_test_group%22%3A20210308%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A11%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A2%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%221006%2C1100%2C1121%2C1137%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%220b683406-83b9-4b1c-411b-7a23ca0e85d4%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22M32%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A0%2C%22response_time_orig%22%3A0%2C%22serverid%22%3A%2218.198.26.135%3A30947%22%2C%22state%22%3A%22MAN%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1121%2C1137%22%2C%22t_epoch%22%3A1654122360%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Ffilesamples.com%2F%22%2C%22user_id%22%3A0%2C%22visit_uuid%22%3A%222c218eb7-1208-4ee2-6b9f-9b04d9dcb1f8%22%2C%22word_count%22%3A133%2C%22worst_bad_word_level%22%3A0%7D
Requested by
Host: filesamples.com
URL: https://filesamples.com/detroitchicago/memphis.js?gcb=195-2&cb=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:00 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htXyJ9365EfmsSBmbO03GhcGC6sq4QZs1PsgNXCXCCehVQ3SLiLVI%2Bq3pXCoT05%2Bw4SBH0dfwnSkMqwTE26vSCihMzuI1Hbhl%2BawesmN%2FYhY5ZUIeilB8spM0c3TRWw1SnMfKsqbTYRI%2B07K0cQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
714b5e538b880f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Tue, 31 May 2022 22:25:59 GMT
si
capi.connatix.com/tr/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
access-control-max-age
86400
content-type
application/json
connatix.player.dc.js
cds.connatix.com/p/164672/ Frame 3B0C
Redirect Chain
  • https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
  • https://cds.connatix.com/p/164672/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
992 KB
263 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/164672/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa61c48b9eb21b30c09a66491d7ce22bd222f9a5ac0378a26e465742f1dbf315

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 19:28:00 GMT
age
9313
etag
"48c64cfeba686e3a9bece2e82f8a770a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
268499

Redirect headers

location
https://cds.connatix.com/p/164672/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
date
Wed, 01 Jun 2022 22:26:01 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
nmash.js
go.ezodn.com/porpoiseant/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/porpoiseant/nmash.js?v=116
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/banger.js?cb=195-2&bv=116&v=58&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29423a53e5a231c0002fe62f9866c790fa23e62062a34939ee0cc0cd0bf24f28

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
606290
cf-ray
714b5e547b555a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 19 May 2022 18:31:00 GMT
server
cloudflare
etag
W/"74bb-5df6193520100;5df6193520100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Acgtmd55yN2LHQHOM7RjEgiAANvdyHq0o8gYrp%2B0gD9VcCuweXlRS25WrXMNO4tkve3wUWh6JLUaF53L%2Fmck6FMRMuThxzNeABdsQUtdFbSe3Gy0K5UbpcTlPH3Qnilv879B7ufr%2Fn5%2BoMU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cookie_sync
pb-server.ezoic.com/ 		271 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb-server.ezoic.com/cookie_sync
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.95.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-95-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
121a7895494cf562e623fea3fd368f7a796af3d9b3d971774f0909c6d2d8f94e

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:01 GMT
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
271
expires
0
auction
pb-server.ezoic.com/openrtb2/ 		231 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb-server.ezoic.com/openrtb2/auction
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.95.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-95-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
abccfaecc2300427a6c96423b95f3cc2d8380aed3de9a9e25e91455e6c349d3a

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:01 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
231
expires
0
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://filesamples.com
date
Wed, 01 Jun 2022 22:26:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
668ad51d1b3690658876813ff78f36ddefb9a04ac86fd3a336d5306fdc25ec5a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Jun 2022 22:26:01 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0a986f29-0eee-446d-ab99-69f5a87d1425
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://filesamples.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		536 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ffilesamples.com%2F&CanonicalUrl=https%3A%2F%2Ffilesamples.com%2F&PublisherDomain=https%3A%2F%2Ffilesamples.com
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
4721248efa926d8a2c1a36b1fec28d4208378d8b8b1b43b0fa4a91a7a976d8d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:01 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filesamples.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
238
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
536
expires
0
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://filesamples.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
mvo
tag.1rx.io/rmp/215626/0/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/215626/0/mvo?z=1r&hbv=6.23,2.1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://filesamples.com
pragma
no-cache
date
Wed, 01 Jun 2022 22:26:01 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
ortb
bid.contextweb.com/header/ 		0
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
server
envoy
cwdl
22/120,22/120,22/120
access-control-allow-origin
https://filesamples.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
34
cw-server
bid-deployment-59bf89fb8d-5wzxj
/
prebid.smilewanted.com/ 		0
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://filesamples.com
access-control-allow-credentials
true
cf-ray
714b5e54eec87708-LHR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://filesamples.com
access-control-allow-credentials
true
cf-ray
714b5e54eecb7708-LHR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://filesamples.com
access-control-allow-credentials
true
cf-ray
714b5e54eece7708-LHR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
prebid.media.net/rtb/ 		23 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUBCB617
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
09030e524abb4b7e850c76d10d0663c39e94a385bc2c03428197f2deaeceb6d0

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e22111cc470171&cmd=bid&secure=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
6f980c160e1056ae03f4277e5c9c9b41466ec277b392875568aaef372e1e0eab

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filesamples.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e221121e52019a&cmd=bid&secure=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
ed9599a11d7b9e61c58e50ed37951405921652da8652da9a66331d4c991253de

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filesamples.com
access-control-allow-credentials
true
content-length
62
pubads_impl_2022052601.js
securepubads.g.doubleclick.net/gpt/ 		367 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
89fcef2fe8204ec89e703202f4313758021687559f6216a92b5379a753015e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 19:55:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9040
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127327
x-xss-protection
0
last-modified
Thu, 26 May 2022 08:35:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Jun 2023 19:55:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		95 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=filesamples.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
90e940f4b76a6a3db249629eee3188c06721ad96e8b73b40ac659c9971281b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
expires
Wed, 01 Jun 2022 22:26:01 GMT
setuid
pb-server.ezoic.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
  • https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=e2eb1153-2134-42a3-b252-dae82c19a18f&gdpr=&gdpr_consent=&us_privacy=
86 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=e2eb1153-2134-42a3-b252-dae82c19a18f&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
35.156.95.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-95-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=e2eb1153-2134-42a3-b252-dae82c19a18f&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 01 Jun 2022 22:26:01 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/164672/ Frame 3B0C 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/164672/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 19:28:00 GMT
age
9313
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
player.css
cds.connatix.com/p/164672/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/164672/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
daf028afc101da7201cb211f9786b6a36f6bf60ad836dfe991306140efca2432

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 19:28:00 GMT
age
9313
etag
"ea2f9ede807e1b050a71617a64dba818"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8709
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=filesamples.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filesamples.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
pls
capi.connatix.com/core/ Frame 3B0C 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=164672&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8451281fd371d3f9c544a6874aab480f38026a3de5c84b31ab81fa2c91a4e84

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://filesamples.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2923
ads
securepubads.g.doubleclick.net/gampad/ 		446 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171654112646377&correlator=3415723177513110&eid=31067773%2C31061167%2C31065401&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21732118914%3A22573772600%2Cfilesamples_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=1&adks=1900633481&sfv=1-0-38&ecs=20220601&fsapi=false&prev_scp=a%3D%257C252%257C%26iid1%3D3938322249479915%26eid%3D3938322249479915%26t%3D134%26d%3D176527%26t1%3D134%26pvc%3D0%26ap%3D1121%26sap%3D1121%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dfilesamples_com-box-2-3938322249479915%26eb_br%3Df0925b4547fc827b18897e82de41f3b6%26eba%3D1%26ebss%3D10061%2C11304%2C11307%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D600%26br2%3D300%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C117%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C774&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1654122361320&lmt=1654122361&dlt=1654122360128&idt=1148&biw=1600&bih=1200&adxs=315&adys=50&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ffilesamples.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=1600x0&fws=0&ohw=0&ga_vid=110614979.1654122361&ga_sid=1654122361&ga_hid=55930572&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
d7642cb8848761aeaf68ff0285b4c2ef4b5acf822739e4a0ea0a7d45c18b1f25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022052601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca9f5ff3646cd660220484d9f417d638598404d9fade09b963bce32a4533b641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10656
x-xss-protection
0
container.html
475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 98BA 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 22:26:01 GMT
expires
Thu, 01 Jun 2023 22:26:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		447 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171654112646377&correlator=488035682134494&eid=31067773%2C31061167%2C31065401&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21732118914%3A22573772600%2Cfilesamples_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=540251406&sfv=1-0-38&ecs=20220601&fsapi=false&prev_scp=a%3D%257C3%257C%26iid1%3D8487947841494820%26eid%3D8487947841494820%26t%3D134%26d%3D176527%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dfilesamples_com-medrectangle-2-8487947841494820%26eb_br%3Df63322dda53fb357fc621e718fd4fb87%26eba%3D1%26ebss%3D10061%2C11304%2C11307%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D450%26br2%3D220%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C16%2C28%2C67%2C45%2C0%2C66%2C20%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C774&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1654122361329&lmt=1654122361&dlt=1654122360128&idt=1148&biw=1600&bih=1200&adxs=436&adys=1110&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ffilesamples.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&fws=512&ohw=0&ga_vid=110614979.1654122361&ga_sid=1654122361&ga_hid=55930572&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
bac82a54806cc0d3d1bd428fcd9de26b89b746c8160abc922edd836df1d9d10a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
insights.bin
ins.connatix.com/e9310c534d998708910b1bf11118630d/ Frame 3B0C 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/e9310c534d998708910b1bf11118630d/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
last-modified
Thu, 21 Apr 2022 17:24:38 GMT
age
481888
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 22:26:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC8D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
15472
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 18:08:09 GMT
expires
Thu, 01 Jun 2023 18:08:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D849 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
da85da3b8ab561ce6f08d413090181e51d3191b8641df67d3897dcb567ca66e3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MZlP8KKbx0SP4Y2rD9FtJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-MZlP8KKbx0SP4Y2rD9FtJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 22:26:01 GMT
expires
Wed, 01 Jun 2022 22:26:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
basher.ezodn.com/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://basher.ezodn.com/?did=176527&bf=900&dc=21732118914%7C1254144
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/nmash.js?v=116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
072a0061e650a5a819b9b3746ec700a4510d43082aebabd410a036c60d76dae0

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
X-PINGBACK
pingpong
Content-Type
application/json

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://filesamples.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1Cd4glfivUA9c2dgC5kNZMIS5zPW%2BjftfN0lk6TeNkpSaw6u18hQ0oam948U%2B8cU1becrBeM%2FfUF8f16j46RyVmU7nMq5LqeHknoOAEcNUPwOJi0zrNehYl58%2F2S%2FYnxJAnSpyqTOd3h8DJKeGb"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
cache-control
public, max-age=84400
cf-ray
714b5e5a5fc1f933-MXP
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
basher.ezodn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://basher.ezodn.com/?did=176527&bf=900&dc=21732118914%7C1254144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-pingback
Access-Control-Request-Method
GET
Origin
https://filesamples.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-pingback
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://filesamples.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
714b5e59793c3753-MXP
content-length
0
content-type
application/json
date
Wed, 01 Jun 2022 22:26:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AG6eMY4TsR0fiM5d%2FhPYTarSdYQCDrCp9loYY9UgTbvHQeQdYcU684K02HNXQufMsbmMdYQAn1NKZNCvd7oIQx5rDjxZbpKmtj7VPXJzzjiDJQx2b4%2FAAaXc2RaYmR2wmmNPZLEtMQpJqRRHALpK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
greenoaks.gif
g.ezoic.net/detroitchicago/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwYjY4MzQwNi04M2I5LTRiMWMtNDExYi03YTIzY2EwZTg1ZDQiLCJkb21haW5faWQiOiIxNzY1MjciLCJ0X2Vwb2NoIjoxNjU0MTIyMzYwLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMGI2ODM0MDYtODNiOS00YjFjLTQxMWItN2EyM2NhMGU4NWQ0IiwiZG9tYWluX2lkIjoiMTc2NTI3IiwidF9lcG9jaCI6MTY1NDEyMjM2MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMDYtMDEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwYjY4MzQwNi04M2I5LTRiMWMtNDExYi03YTIzY2EwZTg1ZDQiLCJkb21haW5faWQiOiIxNzY1MjciLCJ0X2Vwb2NoIjoxNjU0MTIyMzYwLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwYjY4MzQwNi04M2I5LTRiMWMtNDExYi03YTIzY2EwZTg1ZDQiLCJkb21haW5faWQiOiIxNzY1MjciLCJ0X2Vwb2NoIjoxNjU0MTIyMzYwLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjBiNjgzNDA2LTgzYjktNGIxYy00MTFiLTdhMjNjYTBlODVkNCIsImRvbWFpbl9pZCI6IjE3NjUyNyIsInRfZXBvY2giOjE2NTQxMjIzNjAsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfV0=
Requested by
Host: filesamples.com
URL: https://filesamples.com/detroitchicago/memphis.js?gcb=195-2&cb=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://filesamples.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Tue, 31 May 2022 22:25:59 GMT
greenoaks.gif
g.ezoic.net/detroitchicago/ 		0
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwYjY4MzQwNi04M2I5LTRiMWMtNDExYi03YTIzY2EwZTg1ZDQiLCJkb21haW5faWQiOiIxNzY1MjciLCJ0X2Vwb2NoIjoxNjU0MTIyMzYwLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIzMzkifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjU3OCJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiOCJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIzNjUifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIzNjgifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiNDYyIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMGI2ODM0MDYtODNiOS00YjFjLTQxMWItN2EyM2NhMGU4NWQ0IiwiZG9tYWluX2lkIjoiMTc2NTI3IiwidF9lcG9jaCI6MTY1NDEyMjM2MCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiNjk5In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMGI2ODM0MDYtODNiOS00YjFjLTQxMWItN2EyM2NhMGU4NWQ0IiwiZG9tYWluX2lkIjoiMTc2NTI3IiwidF9lcG9jaCI6MTY1NDEyMjM2MCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI2OTkifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwYjY4MzQwNi04M2I5LTRiMWMtNDExYi03YTIzY2EwZTg1ZDQiLCJkb21haW5faWQiOiIxNzY1MjciLCJ0X2Vwb2NoIjoxNjU0MTIyMzYwLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMGI2ODM0MDYtODNiOS00YjFjLTQxMWItN2EyM2NhMGU4NWQ0IiwiZG9tYWluX2lkIjoiMTc2NTI3IiwidF9lcG9jaCI6MTY1NDEyMjM2MCwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiI5LjMifV19XQ==
Requested by
Host: filesamples.com
URL: https://filesamples.com/detroitchicago/memphis.js?gcb=195-2&cb=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://filesamples.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Tue, 31 May 2022 22:26:01 GMT
greenoaks.gif
g.ezoic.net/detroitchicago/ 		0
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwYjY4MzQwNi04M2I5LTRiMWMtNDExYi03YTIzY2EwZTg1ZDQiLCJkb21haW5faWQiOiIxNzY1MjciLCJ0X2Vwb2NoIjoxNjU0MTIyMzYwLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMGI2ODM0MDYtODNiOS00YjFjLTQxMWItN2EyM2NhMGU4NWQ0IiwiZG9tYWluX2lkIjoiMTc2NTI3IiwidF9lcG9jaCI6MTY1NDEyMjM2MCwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIxOTA1In1dfV0=
Requested by
Host: filesamples.com
URL: https://filesamples.com/detroitchicago/memphis.js?gcb=195-2&cb=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://filesamples.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Tue, 31 May 2022 22:26:00 GMT
sr
capi-tier-1-us-east-2.connatix.com/tr/ Frame 3B0C 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=164672&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.200.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-200-104.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://filesamples.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
20567f6e955396d07a86d7911d0a6d1bd02e3245d1d1df9fe8dfac8c2359b9e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28166
x-xss-protection
0
server
sffe
etag
"1232 / 283 of 1000 / last-modified: 1654121128"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Jun 2022 22:26:02 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3B0C 		377 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128968
x-xss-protection
0
expires
Wed, 01 Jun 2022 22:26:02 GMT
5.png
img.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/dceed97a-951e-4c47-b565-c2794ffae817/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/dceed97a-951e-4c47-b565-c2794ffae817/5.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a525824d7672e22ce39795da065ac4ef98058bebc829124c84b7bb67e4243029

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
content-encoding
br
age
401997
etag
"WyY66hWo5OdoXuQtIRPU7kBpkP2OfioY7IdwgbKwCN4"
access-control-max-age
86400
fastly-io-info
ifsz=5795 idim=59x61 ifmt=png ofsz=5076 odim=59x61 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
5081
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=filesamples.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filesamples.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		117 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171654112646377&correlator=391051341704844&eid=31067773%2C31061167%2C31065401&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21732118914%3A22573772600%2Cfilesamples_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=788156930&sfv=1-0-38&ecs=20220601&ists=1&fas=8&fsapi=false&prev_scp=ga%3D5302779%26tap%3Dfilesamples_com-pixel1-4339926131420067%26ezoic%3D1%26eb_br%3D24b380adcc0659544af3c796e2648643%26br1%3D400%26ap%3D9999%26iid1%3D4339926131420067%26bra%3Dmod96&eri=1&sc=1&cookie=ID%3D65ada3f94c60f67d-22877cdaa5cd00b3%3AT%3D1654122361%3AS%3DALNI_MZx2lQ-id4fI32tlZ09-QMYZX4oFA&abxe=1&dt=1654122362100&lmt=1654122362&dlt=1654122360128&idt=1148&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ffilesamples.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=110614979.1654122361&ga_sid=1654122361&ga_hid=55930572&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
279ec17b447a7e42264021cf46c4e3e83d464de13640827e8d1f11db65417b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33198
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads_2022052601.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022052601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
c83c3fde7d39843c4ff04bd8f1c944876dcfdb4410b1df84606ae767ef31ef24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 10:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
560063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13355
x-xss-protection
0
last-modified
Thu, 26 May 2022 08:35:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 May 2023 10:51:39 GMT
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 3B0C 		550 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=164672&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.200.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-200-104.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
1d09bd9bf1757c0859846fc1837c917c616cd5fe777fa66ac18058f86b032627

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://filesamples.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
374
Twix.xml
demo.connatix.com/Automation/Feeds/ Frame 3B0C 		0
0
prebid6.20.0-1.js
cds.connatix.com/p/plugins/ Frame FCE4 		433 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d92a11899a5768511f0431479d50a6fbabd9aa93099c062bc9f348fdb83be72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
content-encoding
br
last-modified
Wed, 18 May 2022 09:02:01 GMT
age
1257825
etag
"d147c1dd13a25190e1aa7227401d9c91"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
115039
sodar
pagead2.googlesyndication.com/pagead/ Frame D849 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022052601&jk=1171654112646377&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
pagead2.googlesyndication.com/bg/ Frame EC8D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:33:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
28324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13882
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 14:33:58 GMT
Twix.xml
demo.connatix.com/Automation/Feeds/ Frame 3B0C 		0
0
287146
search.spotxchange.com/vast/2.0/ Frame 3B0C 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/287146?VPAID=js&content_page_url=https%3A%2F%2Ffilesamples.com%2F&cb=5c29d3fd-93a2-42d5-9e55-4766532ff3ab&player_width=400&player_height=225&schain=1.0,1!connatix.com,985704552967867,1,,,,&us_privacy=&gdpr=1&gdpr_consent=0
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Require
0.000273
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000007
X-SpotX-Timing-Page
0.008773
Pragma
no-cache
Date
Wed, 01 Jun 2022 22:26:02 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://filesamples.com
X-SpotX-Timing-Page-Exception
0.000019
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000008
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.002188
X-SpotX-Timing-Transform
0.000390
X-SpotX-Timing-SpotMarket
0.002188
X-spotx-Exception-0-ID
MARKET_HALTED
X-SpotX-Timing-Page-Misc
0.002106
X-spotx-Exception-0-Message
Halting market due to lack of consent
Content-Length
79
X-SpotX-Timing-Page-Context
0.003594
X-fe
086
Last-Modified
Wed, 01 Jun 2022 22:26:02 GMT
Server
nginx
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000188
generate_204
tpc.googlesyndication.com/ Frame EC8D 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?upxu-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame A2FD 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
95145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 20:00:17 GMT
expires
Wed, 31 May 2023 20:00:17 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 3B0C 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 01 Jun 2022 22:26:02 GMT
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame D72B 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
95145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 20:00:17 GMT
expires
Wed, 31 May 2023 20:00:17 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame B5A3 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
95145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 20:00:17 GMT
expires
Wed, 31 May 2023 20:00:17 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2BCF 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 01 Jun 2022 23:03:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 56A9 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 01 Jun 2022 23:03:34 GMT
Twix.xml
demo.connatix.com/Automation/Feeds/ Frame 3B0C 		0
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5CBA 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 01 Jun 2022 23:03:34 GMT
container.html
475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FE3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 22:26:01 GMT
expires
Thu, 01 Jun 2023 22:26:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
greenoaks.gif
g.ezoic.net/detroitchicago/ 		0
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwYjY4MzQwNi04M2I5LTRiMWMtNDExYi03YTIzY2EwZTg1ZDQiLCJkb21haW5faWQiOiIxNzY1MjciLCJ0X2Vwb2NoIjoxNjU0MTIyMzYwLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjIzMDcifV19XQ==
Requested by
Host: filesamples.com
URL: https://filesamples.com/detroitchicago/memphis.js?gcb=195-2&cb=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://filesamples.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Tue, 31 May 2022 22:26:06 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDMzOTkyNjEzMTQyMDA2NyIsImRvbWFpbl9pZCI6IjE3NjUyNyIsInVuaXQiOiJmaWxlc2FtcGxlc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY1NDEyMjM2MCwiYXVjdGlvbl9lcG9jaCI6MTY1NDEyMjM2MiwiYWRfcG9zaXRpb24iOjk5OTksImNvdW50cnlfY29kZSI6IkdCIiwicGFnZXZpZXdfaWQiOiIwYjY4MzQwNi04M2I5LTRiMWMtNDExYi03YTIzY2EwZTg1ZDQiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NDAwLCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6NDAwLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjozNTMsIm11bHRpX2FkX3VuaXQiOm51bGwsIm11bHRpX2FkX2NvdW50IjpudWxsLCJuZXR3b3JrX2NvZGUiOjIxNzMyMTE4OTE0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDQyNzJ9XQ==
Requested by
Host: filesamples.com
URL: https://filesamples.com/detroitchicago/memphis.js?gcb=195-2&cb=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://filesamples.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Tue, 31 May 2022 22:25:59 GMT
Twix.xml
demo.connatix.com/Automation/Feeds/ Frame 3B0C 		0
0
css2
fonts.googleapis.com/ Frame 2FE3 		4 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 21:25:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Jun 2022 22:26:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Jun 2022 22:26:02 GMT
css
fonts.googleapis.com/ Frame 58F3 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 21:25:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Jun 2022 22:26:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Jun 2022 22:26:02 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 58F3 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
617
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Jun 2022 22:15:45 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/ Frame 58F3 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite_fy2019.js
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d04270929a7b55e11bad5612cec9a0bc6f99aa203065ebb49282a8e10ed3f897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8686
x-xss-protection
0
server
cafe
etag
15744946208710284980
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Jun 2022 22:12:08 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 58F3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/window_focus_fy2019.js
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Jun 2022 22:18:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 58F3 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 22:26:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 58F3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Jun 2022 22:06:43 GMT
l
www.google.com/ads/measurement/ Frame 58F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyCEr0-A0osQSUgF6iwpkREnyl5cTC1vCy03PQ-6i7chpGjonhb-kMBznX6D7wXq3rEr6k0mdZDMsJpwU25y1nLjc0Zw
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
1a132ce94651f9fd8f1d4e10540034d5.js
www.gstatic.com/mysidia/ Frame 58F3 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 20:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13011
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:03:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 20:23:28 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/ Frame 2FE3 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8280
x-xss-protection
0
server
cafe
etag
1405619832300133377
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Jun 2022 22:25:40 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2FE3 		205 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 21:31:57 GMT
x-content-type-options
nosniff
age
3245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 01 Jun 2023 21:31:57 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2FE3 		604 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 19:28:36 GMT
x-content-type-options
nosniff
age
10646
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 01 Jun 2023 19:28:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1EF9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
59538
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 02 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 1EF9
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENAQ3_x8c7nKe3-ZwmshqZQ&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENAQ3_x8c7nKe3-ZwmshqZQ&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d25ZOHprNjcxTld3TVc1&google_gid=CAESENAQ3_x8c7nKe3-ZwmshqZQ&google_cver=1&google_push=AYg5qPL-uzaX70CqZQzWep8NHYYWWqvr-t_dRJ7CXqKkn_2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d25ZOHprNjcxTld3TVc1&google_gid=CAESENAQ3_x8c7nKe3-ZwmshqZQ&google_cver=1&google_push=AYg5qPL-uzaX70CqZQzWep8NHYYWWqvr-t_dRJ7CXqKkn_225IyNsfPtkYL_UNFdfyxZQPJPIpvVwK_D7kEwTWCpm7A58hljCOMl
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Jun 2022 22:26:02 GMT
Server
PingMatch/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-025786580083fbd6c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d25ZOHprNjcxTld3TVc1&google_gid=CAESENAQ3_x8c7nKe3-ZwmshqZQ&google_cver=1&google_push=AYg5qPL-uzaX70CqZQzWep8NHYYWWqvr-t_dRJ7CXqKkn_225IyNsfPtkYL_UNFdfyxZQPJPIpvVwK_D7kEwTWCpm7A58hljCOMl
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1EF9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBe0tb6kFE0x2v0amUhFxN0&google_cver=1&google_push=AYg5qPLhjGW6Ssew5N5gGHbuI1txK5HoefvOZv94ZYrQopMLLpiGdeqMBMDUUjqp4r7YiuZ6lNa3LDjrqU3vW1puQp23n0jASgD-
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD9AB5622DEA4E07A7260A599D6F3250&google_push=AYg5qPLhjGW6Ssew5N5gGHbuI1txK5HoefvOZv94ZYrQopMLLpiGdeqMBMDUUjqp4r7YiuZ6lNa3LDjrqU3vW1p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD9AB5622DEA4E07A7260A599D6F3250&google_push=AYg5qPLhjGW6Ssew5N5gGHbuI1txK5HoefvOZv94ZYrQopMLLpiGdeqMBMDUUjqp4r7YiuZ6lNa3LDjrqU3vW1puQp23n0jASgD-
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 01 Jun 2022 22:26:02 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD9AB5622DEA4E07A7260A599D6F3250&google_push=AYg5qPLhjGW6Ssew5N5gGHbuI1txK5HoefvOZv94ZYrQopMLLpiGdeqMBMDUUjqp4r7YiuZ6lNa3LDjrqU3vW1puQp23n0jASgD-
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 31 May 2022 22:26:02 GMT
pixel
cm.g.doubleclick.net/ Frame 1EF9
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEIOO0rNjhiiFAAGjfvEmCD8&google_cver=1&google_push=AYg5qPImGwpp3JcCF1Wi48fqv_wyFfYlvgww2Kppcw_gHPAU9hQKKp7sbybG3dZml_OFnG25z6rVUlMWld0-9udLa8yPPtkAXM9n
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MDBGMUQ1QTIyQ0EyMUJBMQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MDBGMUQ1QTIyQ0EyMUJBMQ==
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MDBGMUQ1QTIyQ0EyMUJBMQ==
date
Wed, 01 Jun 2022 22:26:02 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 1EF9
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEMGG5siZzULgvm8oIl12DNI&google_cver=1&google_push=AYg5qPIYgr2K7go9vfNr8YmAYoTowPkf-3kk1-pFkUJvibBnOkeeVUyKypAFa6esVSljt...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIYgr2K7go9vfNr8YmAYoTowPkf-3kk1-pFkUJvibBnOkeeVUyKypAFa6esVSljtQJqjVeg6C3fSSNeSMy_CEETydmf47tw&google_hm=QW1jTXhkb0xzcU9Fd0hqaXQ0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIYgr2K7go9vfNr8YmAYoTowPkf-3kk1-pFkUJvibBnOkeeVUyKypAFa6esVSljtQJqjVeg6C3fSSNeSMy_CEETydmf47tw&google_hm=QW1jTXhkb0xzcU9Fd0hqaXQ0VFJSU3c=
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIYgr2K7go9vfNr8YmAYoTowPkf-3kk1-pFkUJvibBnOkeeVUyKypAFa6esVSljtQJqjVeg6C3fSSNeSMy_CEETydmf47tw&google_hm=QW1jTXhkb0xzcU9Fd0hqaXQ0VFJSU3c=
Date
Wed, 01 Jun 2022 22:26:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
cm.g.doubleclick.net/ Frame 1EF9
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEMuQXt1xZFuKyHlyQQ8w4zk&google_cver=1&google_push=AYg5qPKWIp0GxEYb4RBujzuWMhm5VFzmzTG1WBbhfr47SO3vObVYDUy4YP-TwLWXpzghjc_iCQUMsE__dlLlzUhGEpvA7t...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMuQXt1xZFuKyHlyQQ8w4zk&google_cver=1&google_push=AYg5qPKWIp0GxEYb4RBujzuWMhm5VFzmzTG1WBbhfr47SO3vObVYDUy4YP-TwLWXpzghjc_iCQUMsE__dlLlzUhG...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZqwH0AC6SS-j8hSZjOd_Tg&google_push=AYg5qPKWIp0GxEYb4RBujzuWMhm5VFzmzTG1WBbhfr47SO3vObVYDUy4YP-TwLWXpzghjc_iCQUMsE__dlLlzUh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZqwH0AC6SS-j8hSZjOd_Tg&google_push=AYg5qPKWIp0GxEYb4RBujzuWMhm5VFzmzTG1WBbhfr47SO3vObVYDUy4YP-TwLWXpzghjc_iCQUMsE__dlLlzUhGEpvA7txnEcWg
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZqwH0AC6SS-j8hSZjOd_Tg&google_push=AYg5qPKWIp0GxEYb4RBujzuWMhm5VFzmzTG1WBbhfr47SO3vObVYDUy4YP-TwLWXpzghjc_iCQUMsE__dlLlzUhGEpvA7txnEcWg
date
Wed, 01 Jun 2022 22:26:02 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pub
cs.chocolateplatform.com/ Frame 1EF9 		0
0
pixel
cm.g.doubleclick.net/ Frame 1EF9
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEJAgsYl2dpwsNhFeJzJhKaE&google_cver=1&google_push=AYg5qPJiOpTUhNJMO8tG62rY5utSk1RhJUJ_HTfvGHXZIPnNddmWm_jnm9wXUVHAWYim6cm-UvPgI...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPJiOpTUhNJMO8tG62rY5utSk1RhJUJ_HTfvGHXZIPnNddmWm_jnm9wXUVHAWYim6cm-UvPgIek5DAl-JiTPNS1uPpPMx4D-&google_hm=WXBmbmU4Q28...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPJiOpTUhNJMO8tG62rY5utSk1RhJUJ_HTfvGHXZIPnNddmWm_jnm9wXUVHAWYim6cm-UvPgIek5DAl-JiTPNS1uPpPMx4D-&google_hm=WXBmbmU4Q281c0VBQUVQaVZ2VUFBQUFB
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
6
Date
Wed, 01 Jun 2022 22:26:03 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEJAgsYl2dpwsNhFeJzJhKaE&google_push=AYg5qPJiOpTUhNJMO8tG62rY5utSk1RhJUJ_HTfvGHXZIPnNddmWm_jnm9wXUVHAWYim6cm-UvPgIek5DAl-JiTPNS1uPpPMx4D-&proto=google_ebda","cluster_id":6,"gdpr":true,"ipv4":"0.0.0.0","key":"Ypfne8Co5sEAAEPiVvUAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad390"}
X-SO-Ads-Time
2
X-SO-Key
Ypfne8Co5sEAAEPiVvUAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad390
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPJiOpTUhNJMO8tG62rY5utSk1RhJUJ_HTfvGHXZIPnNddmWm_jnm9wXUVHAWYim6cm-UvPgIek5DAl-JiTPNS1uPpPMx4D-&google_hm=WXBmbmU4Q281c0VBQUVQaVZ2VUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad390.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
a-tgng40003.dc2p.scaleout.jp
X-SO-IP
217.138.196.105
attr
cm.g.doubleclick.net/pixel/ Frame 1EF9 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L49KnWHRhxr4XrI8LYI5pszhJxODQfnPfTo2wAnfXZsUOgQAzSgEk2ySVbEF29AqP9ChJb
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022052601&jk=1171654112646377&bg=!oKOlo-fNAAao8wy8iPM7ACkAdvg8Ws3lfmp7NPCuYXr4qZg5-CpbYxRhGs1o6dz2rMbTwnOnrtkvGgIAAACfUgAAAAJoAQeZAqRnT3Jrg_KWU_9gFsCEDA8DVcjiXUtdAXIAhwZyBNKJNsXlkro5_0MdRmTHY4QPksVwIaXNAWFe3kgYnYi6-VoOOCdCNziV8JkQm-6fYc9G6vWJkEuDEFB03BAQIvKUZqdBjTGmsFDGXhV8CVPwkLECnvqmuC1di686TOE7Nt3c10ic5-Raj5iIvLDyZXazBCivqT8c06alD5dZ_MYQSOq52_ezBTsIay2VKTo-58QsH8RdB2nN0E1ajAfQ6NTl82QgQkdY2ckgFs6D6NKMsLDzh5OXGFpUHcsObByYfpyNi3rXUbjM3IyWdrCZ4m4H_K4NR4xfSgxFj7ywpb5swMKW6o3qtpn1eqEuM9mqU19G8prt-KK4XllC5wtheoJ9ot_jMRbDXuOgoByrgZosoni9OF3GobxTvoe5487D_5SjTB1mQ2f_VE66paZHrP0nhnOaj5MfqzmG5g-MNW3dle9a1KKDw_km3c8msa95WoI6S1KZIm2q_NP49H8bVKCWTIdjHbBsGrBup9lkMd-qCsrRvXoLc7-JQ-Mg48-XGczzhYd34wWl2VoF71DpygvZpwqcUX1ewqHXMp8fAfnBh2ZHi83bje9BFwAgxu1v6lKFhBi8J5qS3CR90aYv4sV3RpfB92gU8ZXs85B43PWLMRidZhzZvosy7DHGkacBU1MZthaVAejJYDv7Mgtii7gwXKXCF7RspAUu-TZ-LkzswJgtB92f5m6pz-eTAEcn-ybt-jrmmhSnJhSDEvsS9KRjk9CBVHABz1BK21VAcMr_t5eJmdIEhbiSYrY8Nfx-xSKYfiBcWrbm5TpmtPXXI2xOMLUJcHSyQJvj9xL_wunsFFywLqIv4skK1SGuIG7ywDis1VL4jNBo4khRAD6gfkwVbDK9dW6k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
ao
capi-tier-1-us-east-2.connatix.com/tr/ Frame 3B0C 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ao?v=164672&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.200.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-200-104.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 01 Jun 2022 22:26:02 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://filesamples.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
ps
capi-tier-1-us-east-2.connatix.com/tr/ Frame 3B0C 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ps?v=164672&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.200.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-200-104.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 01 Jun 2022 22:26:03 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://filesamples.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
vpp.gif
filesamples.com/detroitchicago/ 		43 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://filesamples.com/detroitchicago/vpp.gif?e=%5B%7B%22url%22%3A%22https%3A%2F%2Ffilesamples.com%2F%22%2C%22pageview_id%22%3A%220b683406-83b9-4b1c-411b-7a23ca0e85d4%22%2C%22template_id%22%3A134%2C%22player_name%22%3A%22ezcnx-outstream%22%2C%22domain_id%22%3A176527%2C%22media_src%22%3A%22%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:03 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDKDhFcPzy%2BknmtDjqbp13KVYcA9uN%2FqeIxqD91X%2FTEqQeafx7HtcNMfp7MV3BEuMW4cl3lET0PZoXVCgO0rxH0w9PFP%2BqWeikls9Cgrrwr2EY8AGVPQVEWGThehfnXyDqh8zbO2aYD0phL%2FZKU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
714b5e640da40f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Tue, 31 May 2022 22:26:02 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDMzOTkyNjEzMTQyMDA2NyIsImRvbWFpbl9pZCI6IjE3NjUyNyIsInVuaXQiOiJmaWxlc2FtcGxlc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY1NDEyMjM2MCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiMGI2ODM0MDYtODNiOS00YjFjLTQxMWItN2EyM2NhMGU4NWQ0IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzE2MDAsMTIwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQzMzk5MjYxMzE0MjAwNjciLCJkb21haW5faWQiOiIxNzY1MjciLCJ1bml0IjoiZmlsZXNhbXBsZXNfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NTQxMjIzNjAsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjBiNjgzNDA2LTgzYjktNGIxYy00MTFiLTdhMjNjYTBlODVkNCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDMzOTkyNjEzMTQyMDA2NyIsImRvbWFpbl9pZCI6IjE3NjUyNyIsInVuaXQiOiJmaWxlc2FtcGxlc19jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY1NDEyMjM2MCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiMGI2ODM0MDYtODNiOS00YjFjLTQxMWItN2EyM2NhMGU4NWQ0IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: filesamples.com
URL: https://filesamples.com/detroitchicago/memphis.js?gcb=195-2&cb=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:03 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://filesamples.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Tue, 31 May 2022 22:26:11 GMT
sv
capi-tier-1-us-east-2.connatix.com/tr/ Frame 3B0C 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/sv?v=164672&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.200.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-200-104.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 01 Jun 2022 22:26:03 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://filesamples.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=filesamples.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filesamples.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		318 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171654112646377&correlator=221785114372071&eid=31067773%2C31061167%2C31065401&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21732118914%3A22573772600%2Cfilesamples_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=4&adks=1900633481&sfv=1-0-38&ecs=20220601&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C252%257C%26iid1%3D3938322249479915%26eid%3D3938322249479915%26t%3D134%26d%3D176527%26t1%3D134%26pvc%3D0%26ap%3D1121%26sap%3D1121%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dfilesamples_com-box-2-3938322249479915%26eb_br%3Daea15b65f697c2bc2826a2d1d3e3275f%2C90c3c48d0172916d27c102ea4aa9d49c%26eba%3D1%26ebss%3D10061%2C11304%2C11307%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D300%26br2%3D300%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C117%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C774%2C2310%2C2764%2C2765%2C3054%26lb%3D600%26reqt%3D1654122364593&eri=1&sc=1&cookie=ID%3D65ada3f94c60f67d%3AT%3D1654122361%3AS%3DALNI_MbUvPjXHESVhkykSQ7zxXm99zqJCg&abxe=1&dt=1654122364603&lmt=1654122364&dlt=1654122360128&idt=1148&biw=1600&bih=1200&adxs=315&adys=50&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ffilesamples.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=1600x0&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=110614979.1654122361&ga_sid=1654122361&ga_hid=55930572&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
fe8b429ff633aa1b290d9ab5b91d4d910c9cc054e9f6f9f66e76697b8655279f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		326 B
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171654112646377&correlator=1923490212780613&eid=31067773%2C31061167%2C31065401&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21732118914%3A22573772600%2Cfilesamples_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&adks=540251406&sfv=1-0-38&ecs=20220601&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C3%257C%26iid1%3D8487947841494820%26eid%3D8487947841494820%26t%3D134%26d%3D176527%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dfilesamples_com-medrectangle-2-8487947841494820%26eb_br%3Dc8f8afd5bc9d2b8b306959d0f8989efe%2C43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10061%2C11304%2C11307%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D220%26br2%3D220%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C16%2C28%2C67%2C45%2C0%2C66%2C20%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C774%2C20%2C2310%2C2526%2C2527%2C2763%2C2764%2C2765%2C3154%26hb_bidder%3Dmedianet%26hb_adid%3D406c4418df8bf4f%26hb_pb%3D0.02%26hb_format%3Dbanner%26hb_ssid%3D11307%26hb_opt%3D0.02%26hb_rt%3Dclient%26lb%3D450%26reqt%3D1654122364598&eri=1&sc=1&cookie=ID%3D65ada3f94c60f67d%3AT%3D1654122361%3AS%3DALNI_MbUvPjXHESVhkykSQ7zxXm99zqJCg&abxe=1&dt=1654122364606&lmt=1654122364&dlt=1654122360128&idt=1148&biw=1600&bih=1200&adxs=436&adys=1110&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ffilesamples.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&fws=512&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=110614979.1654122361&ga_sid=1654122361&ga_hid=55930572&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
198ea2d24a5c0834e08503e4c8d7137ca5a408f16950c32d3c90a3199a1be030
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffilesamples.com%2F&domain=filesamples.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://filesamples.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 01 Jun 2022 22:26:04 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1208
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffilesamples.com%2F&domain=filesamples.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=yahAdnwvVGlRVjF5cE1tcEZiWnFDNGVBMTF5OG9JUVg2Wnh1V0dDK0xaMEk5OThqYUtlL2FkVlNhZ05BblpTUjJuR2V0QkNNNW9mM1Exei9SeWF4d1hNQzR2b0RkMnV3b1YrSkdaU05hZWcwZG1NWllwQllGOThOVkJsRm...
369 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yahAdnwvVGlRVjF5cE1tcEZiWnFDNGVBMTF5OG9JUVg2Wnh1V0dDK0xaMEk5OThqYUtlL2FkVlNhZ05BblpTUjJuR2V0QkNNNW9mM1Exei9SeWF4d1hNQzR2b0RkMnV3b1YrSkdaU05hZWcwZG1NWllwQllGOThOVkJsRmc1OFMrdnRzS3Ixc0tRYjdoVU92NHdnWHNjeFRvOEFueUJDOVFiOVhkVCsza3BoZ1pVcmdBelVQR3EwTk8vQ3VxazhNWGpXdXA3Z3YxaFBXRzAzMG1ISmp0THN1SnBpeGdyYVYrY00yQVByeWFrOVNsRkhJPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5e191aaa51a298350551b681ffdf7a691f3e906c268b4fb2510f64b9a0ff7fa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:05 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3380
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:05 GMT
location
https://mug.criteo.com/sid?cpp=yahAdnwvVGlRVjF5cE1tcEZiWnFDNGVBMTF5OG9JUVg2Wnh1V0dDK0xaMEk5OThqYUtlL2FkVlNhZ05BblpTUjJuR2V0QkNNNW9mM1Exei9SeWF4d1hNQzR2b0RkMnV3b1YrSkdaU05hZWcwZG1NWllwQllGOThOVkJsRmc1OFMrdnRzS3Ixc0tRYjdoVU92NHdnWHNjeFRvOEFueUJDOVFiOVhkVCsza3BoZ1pVcmdBelVQR3EwTk8vQ3VxazhNWGpXdXA3Z3YxaFBXRzAzMG1ISmp0THN1SnBpeGdyYVYrY00yQVByeWFrOVNsRkhJPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1458
content-length
482
expires
0
457.json
id5-sync.com/g/v2/ 		213 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/457.json
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
809f2323f293ce82641f71214f7af0ba867773b86ca176f1fcf4afa8e5fac054
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://filesamples.com
date
Wed, 01 Jun 2022 22:26:05 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
/
id.a-mx.com/sync/ 		98 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=https://filesamples.com/&u=https://filesamples.com/&v=6.23.0&vg=epbjs&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f401f18a623fd68e57adad0c1ebe8ad325cabc6212caccdb143957d6ae276ca

Request headers

Referer
https://filesamples.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Jun 2022 22:26:05 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUMurNAkwXTBAb0bEalEfQnU0DxW4milRmLC4ZgcW9gcdlGCTn6MA1Ha2%2B%2BiRbsigoffh6yBXszpKQ2FaMMp2sTZXfmtvVmN64gIrn4ydwrKQBcV7vT7V%2FrVgpWncI3v7SRwd%2FZ%2F8lE5Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
714b5e70e9a2839d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
csync.smilewanted.com/ Frame 7B70 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82009546877bd0e33897de19d48b10a89c32182f68eeaecd8461d0e94dc80873

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
714b5e700c777708-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 22:26:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame DD5E 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C117%2C238%2C97%2C55%2C99%2C56%2C59%2C3012%2C3010%2C241%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C339%2C77%2C182%2C141%2C262%2C222%2C223%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.32.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-32-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f7de28c207214ce0f720d3edae93b3f1ba38c80fc59d310fa4328a6fbddcce90
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8324
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 22:26:05 GMT
expires
Fri, 03 Jun 2022 22:26:05 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 950E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
64739
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 01 Jun 2022 22:26:05 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 26 May 2022 04:26:53 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 291028
X-Served-By
cache-lga21957-LGA, cache-lcy19227-LCY
X-Timer
S1654122366.508185,VS0,VE0
visitormatch
bh.contextweb.com/ Frame 7B3A 		27 B
497 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-GB
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-8665795bf5-pnnl7
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
/
onetag-sys.com/usync/ Frame 638C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1654122361141
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C006 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,medianet,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rhythmone,sharethrough,smilewanted,unruly,yahoossp,yieldmo&cb=195-2-39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33840
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 22:26:05 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 02 Jun 2022 07:50:05 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 7B70 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
744913
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
714b5e709d4f7708-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
async_usersync
ib.adnxs.com/ Frame 950E 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Jun 2022 22:26:05 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0d9e5bea-3d04-40d0-b5a6-523174c3c5ba
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 8C83 		0
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
714b5e70fe087708-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 22:26:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
setuid
ib.adnxs.com/prebid/ Frame 5806
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=1246f00bc599c2aa49df0325cbf463f4
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=1246f00bc599c2aa49df0325cbf463f4
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

AN-X-Request-Uuid
bcc4a368-69af-4a91-b2ce-c334a6ecee1a
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 01 Jun 2022 22:26:05 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
714b5e70fe0e7708-LHR
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 22:26:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=1246f00bc599c2aa49df0325cbf463f4
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame BCCB 		1 KB
897 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
714b5e720f07cc46-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 22:26:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
PugMaster
image6.pubmatic.com/AdServer/ Frame C006 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12720266&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c943e7ed01a7de4689fa207b0eda00285e1dfdfa2ba75ec626cff10069b5d56

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:06 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
getuid
sync.smartadserver.com/ Frame CBAB
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
0
date
Wed, 01 Jun 2022 22:26:05 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Wed, 01 Jun 2022 22:26:05 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yahAdnwvVGlRVjF5cE1tcEZiWnFDNGVBMTF5OG9JUVg2Wnh1V0dDK0xaMEk5OThqYUtlL2FkVlNhZ05BblpTUjJuR2V0QkNNNW9mM1Exei9SeWF4d1hNQzR2b0RkMnV3b1YrSkdaU05hZWcwZG1NWllwQllGOThOVkJsRmc1OFMrdnRzS3Ixc0tRYjdoVU92NHdnWHNjeFRvOEFueUJDOVFiOVhkVCsza3BoZ1pVcmdBelVQR3EwTk8vQ3VxazhNWGpXdXA3Z3YxaFBXRzAzMG1ISmp0THN1SnBpeGdyYVYrY00yQVByeWFrOVNsRkhJPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 01 Jun 2022 22:26:05 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1032
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
66ac07d0-00ba-492f-a3f2-14998ce77f4e&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 0B2E
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/66ac07d0-00ba-492f-a3f2-14998ce77f4e&partner_id=1010
0
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/66ac07d0-00ba-492f-a3f2-14998ce77f4e&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
714b5e7228307708-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 22:26:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Wed, 01 Jun 2022 22:26:05 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/66ac07d0-00ba-492f-a3f2-14998ce77f4e&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame 7A77 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
611afce88997db6fdd35eb213e662871
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FA28 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33840
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 22:26:05 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 02 Jun 2022 07:50:05 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
1
sync-eu.connectad.io/syncer/ Frame 71EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
714b5e72bf77cc46-ZRH
date
Wed, 01 Jun 2022 22:26:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
YpfnfgzS7IYRVMaPrW1apgAA%26694
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame EDAB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YpfnfgzS7IYRVMaPrW1apgAA%26694
0
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YpfnfgzS7IYRVMaPrW1apgAA%26694
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
714b5e75ce817708-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 22:26:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
281
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 01 Jun 2022 22:26:06 GMT
Expires
Wed, 01 Jun 2022 22:26:06 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YpfnfgzS7IYRVMaPrW1apgAA%26694
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
d402e827-e1f9-11ec-be47-1a3233820406
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 02BF
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=d402e875-e1f9-11ec-be47-1a3233820406
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/d402e827-e1f9-11ec-be47-1a3233820406
0
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/d402e827-e1f9-11ec-be47-1a3233820406
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
714b5e751d317708-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 22:26:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Wed, 01 Jun 2022 22:26:06 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/d402e827-e1f9-11ec-be47-1a3233820406
Server
nginx
X-fe
60
ed6e8550-c119-49dd-9032-fd8054cf1f2b
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame 518A
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/ed6e8550-c119-49dd-9032-fd8054cf1f2b?gdpr_consent=null&gdpr=0
0
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/loopme/ed6e8550-c119-49dd-9032-fd8054cf1f2b?gdpr_consent=null&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
714b5e749c5e7708-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 22:26:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Wed, 01 Jun 2022 22:26:06 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/loopme/ed6e8550-c119-49dd-9032-fd8054cf1f2b?gdpr_consent=null&gdpr=0
server
_
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=filesamples.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filesamples.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171654112646377&correlator=2822617842785848&eid=31067773%2C31061167%2C31065401&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21732118914%3A22573772600%2Cfilesamples_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=6&adks=1900633481&sfv=1-0-38&ecs=20220601&ris=2&rcs=2&fsapi=false&prev_scp=a%3D%257C252%257C%26iid1%3D3938322249479915%26eid%3D3938322249479915%26t%3D134%26d%3D176527%26t1%3D134%26pvc%3D0%26ap%3D1121%26sap%3D1121%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dfilesamples_com-box-2-3938322249479915%26eb_br%3D736e4998c7cae21e6c67e08e2de4db76%2C3530fcb6bcc13dc3c1712eaef7d92700%26eba%3D1%26ebss%3D10061%2C11304%2C11307%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D160%26br2%3D300%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C117%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C774%2C2310%2C2764%2C2765%2C3054%2C17%2C20%2C2310%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C835%26lb%3D300%26reqt%3D1654122365106&eri=1&sc=1&cookie=ID%3D65ada3f94c60f67d%3AT%3D1654122361%3AS%3DALNI_MbUvPjXHESVhkykSQ7zxXm99zqJCg&abxe=1&dt=1654122366112&lmt=1654122366&dlt=1654122360128&idt=1148&biw=1600&bih=1200&adxs=315&adys=50&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ffilesamples.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=1600x0&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=110614979.1654122361&ga_sid=1654122361&ga_hid=55930572&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
0e76e30ef7e1c47bf28c1691805df7d5059b258d9a23b06048bba548f08bcc1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9009
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		326 B
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171654112646377&correlator=395795431964019&eid=31067773%2C31061167%2C31065401&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21732118914%3A22573772600%2Cfilesamples_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&adks=540251406&sfv=1-0-38&ecs=20220601&ris=2&rcs=2&fsapi=false&prev_scp=a%3D%257C3%257C%26iid1%3D8487947841494820%26eid%3D8487947841494820%26t%3D134%26d%3D176527%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dfilesamples_com-medrectangle-2-8487947841494820%26eb_br%3D9b8b7ac6c7f250874e7a1340470af55d%2C58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10061%2C11304%2C11307%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D220%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C16%2C28%2C67%2C45%2C0%2C66%2C20%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C774%2C20%2C2310%2C2526%2C2527%2C2763%2C2764%2C2765%2C3154%2C17%2C20%2C2310%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3154%2C835%26hb_bidder%3Dmedianet%26hb_adid%3D406c4418df8bf4f%26hb_pb%3D0.02%26hb_format%3Dbanner%26hb_ssid%3D11307%26hb_opt%3D0.02%26hb_rt%3Dclient%26lb%3D220%26reqt%3D1654122365117&eri=1&sc=1&cookie=ID%3D65ada3f94c60f67d%3AT%3D1654122361%3AS%3DALNI_MbUvPjXHESVhkykSQ7zxXm99zqJCg&abxe=1&dt=1654122366119&lmt=1654122366&dlt=1654122360128&idt=1148&biw=1600&bih=1200&adxs=436&adys=1110&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ffilesamples.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&fws=512&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=110614979.1654122361&ga_sid=1654122361&ga_hid=55930572&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
34672b7fe8ea0bf7d5610f63f912ccff24d3f77cd8a531db2586e2bba2e18dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=filesamples.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filesamples.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		327 B
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171654112646377&correlator=1414434740732322&eid=31067773%2C31061167%2C31065401&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21732118914%3A22573772600%2Cfilesamples_com-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=8&adks=3634418928&sfv=1-0-38&ecs=20220601&fsapi=false&prev_scp=a%3D%257C5%257C%26iid1%3D8566546959458128%26eid%3D8566546959458128%26t%3D134%26d%3D176527%26t1%3D134%26pvc%3D0%26ap%3D1137%26sap%3D1137%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dfilesamples_com-medrectangle-1-8566546959458128%26eb_br%3D04ebbcfde9a1ec4f315d9a36cf0b7b8e%26eba%3D1%26ebss%3D10061%2C11304%2C11307%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D900%26br2%3D450%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C774%26hb_bidder%3Dmedianet%26hb_adid%3D39a2a90556ac354%26hb_pb%3D0.14%26hb_format%3Dbanner%26hb_ssid%3D11307%26hb_opt%3D0.14%26hb_rt%3Dclient&eri=1&sc=1&cookie=ID%3D65ada3f94c60f67d%3AT%3D1654122361%3AS%3DALNI_MbUvPjXHESVhkykSQ7zxXm99zqJCg&abxe=1&dt=1654122366371&lmt=1654122366&dlt=1654122360128&idt=1148&biw=1600&bih=1200&adxs=632&adys=1502&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ffilesamples.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=1600x0&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=110614979.1654122361&ga_sid=1654122361&ga_hid=55930572&ga_fc=true&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
3e3d68c01c6291c27499240350fd0ae9bb1d23e53fb89a4b9abfa42492c14054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://filesamples.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 3905
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=500996E2-3BB5-4B16-9311-9572A3A2A6EC
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=500996E2-3BB5-4B16-9311-9572A3A2A6EC
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=500996E2-3BB5-4B16-9311-9572A3A2A6EC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 01 Jun 2022 22:26:06 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 01 Jun 2022 22:26:06 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=500996E2-3BB5-4B16-9311-9572A3A2A6EC
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame BA69
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3281478612038668457
0
0
img
sync.mathtag.com/sync/ Frame 8306 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame E869 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 22:26:06 GMT
expires
Wed, 01 Jun 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
482258
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame AC96
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7104401465567672472
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 96C4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=7uuAVPiyTFl5JzezVVusB9mKxGk
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame D10A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YpfnfgAFwr7OYgAo&gdpr=0&gdpr_consent=&_test=YpfnfgAFwr7OYgAo
0
0
adx
match.prod.bidr.io/cookie-sync/ Frame 2EA2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGNk8wN0ZMODhBQUZOdW1KQUdOZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.107.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Wed, 01 Jun 2022 22:26:06 GMT
Server
nginx
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 22:26:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
bridge
cm.adgrx.com/ Frame B95F 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 01 Jun 2022 22:26:06 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-2
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame 67C8
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
0
i.match
s.tribalfusion.com/z/ Frame FC21
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
0
0
cookiesync
core.iprom.net/ Frame C494 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 01 Jun 2022 22:26:06 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-bd4c65e83577@version_1.505
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 6943 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame E052
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1654122366628
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
0
0
/
loada.exelator.com/load/ Frame ADB5
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fimage2...
0
0
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 8A87
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=307da0ad-64fa-4e88-9948-6ee385607b41-tuct9916cfe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C006
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UAmW4ju1SxaTEZVyo6Km7A%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:06 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=33839
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Thu, 02 Jun 2022 07:50:05 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
sync.mathtag.com/sync/ Frame C006 		0
0
generic
match.adsrvr.org/track/cmf/ Frame C006
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=500996E2-3BB5-4B16-9311-9572A3A2A6EC
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame C006
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTAwOTk2RTItM0JCNS00QjE2LTkzMTEtOTU3MkEzQTJBNkVD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame C006
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHxwh-VkYQxWsSZw_o_-3bE&google_cver=1
0
0
pubmatic
um.simpli.fi/ Frame C006 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:06 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 31 May 2022 22:26:06 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C006
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2515579688149388883
0
0
generic
match.adsrvr.org/track/cmf/ Frame C006 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame C006
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1305826402125705105&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame C006
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bO2y6D_ovLp35u7pbL6muzzu7e13u-3naO8H4YD4
0
0
500996E2-3BB5-4B16-9311-9572A3A2A6EC
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C006 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/500996E2-3BB5-4B16-9311-9572A3A2A6EC?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:6b88:e1e2:688e:aa3b -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:06 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame C006
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=500996E2-3BB5-4B16-9311-9572A3A2A6EC&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=500996E2-3BB5-4B16-9311-9572A3A2A6EC&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xvvdOYtE2uVCQc0SLs8yztLxlHmz8fA-~A&gdpr=0&gdpr_consent=
0
0
sync
x.bidswitch.net/ul_cb/ Frame C006
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame C006 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=500996E2-3BB5-4B16-9311-9572A3A2A6EC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:06 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C006
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3186348006765209032&gdpr=0&gdpr_consent=&us_privacy=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame C006
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:47e27b2e-c894-46a6-8c88-2e43460ee3c8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C006 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:06 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
getuid
secure.adnxs.com/ Frame C006
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
0
0
container.html
475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EA24 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://filesamples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 22:26:01 GMT
expires
Thu, 01 Jun 2023 22:26:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
g.ezoic.net/porpoiseant/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzkzODMyMjI0OTQ3OTkxNSIsImRvbWFpbl9pZCI6IjE3NjUyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWZpbGVzYW1wbGVzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY1NDEyMjM2MCwiYWRfcG9zaXRpb24iOjExMjEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiMGI2ODM0MDYtODNiOS00YjFjLTQxMWItN2EyM2NhMGU4NWQ0IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0NzY0NzM5Mzc5LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjM5MzgzMjIyNDk0Nzk5MTUiLCJkb21haW5faWQiOiIxNzY1MjciLCJ1bml0IjoiZGl2LWdwdC1hZC1maWxlc2FtcGxlc19jb20tYm94LTItMCIsInRfZXBvY2giOjE2NTQxMjIzNjAsImFkX3Bvc2l0aW9uIjoxMTIxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjBiNjgzNDA2LTgzYjktNGIxYy00MTFiLTdhMjNjYTBlODVkNCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDc2NDczOTM3OSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjczNmU0OTk4YzdjYWUyMWU2YzY3ZTA4ZTJkZTRkYjc2LDM1MzBmY2I2YmNjMTNkYzNjMTcxMmVhZWY3ZDkyNzAwIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzOTM4MzIyMjQ5NDc5OTE1IiwiZG9tYWluX2lkIjoiMTc2NTI3IiwidW5pdCI6ImRpdi1ncHQtYWQtZmlsZXNhbXBsZXNfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjU0MTIyMzYwLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDE2LCJhZF9wb3NpdGlvbiI6MTEyMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAxNiwiYmlkX2Zsb29yX3ByZXYiOjAuMDAzLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkdCIiwicGFnZXZpZXdfaWQiOiIwYjY4MzQwNi04M2I5LTRiMWMtNDExYi03YTIzY2EwZTg1ZDQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ3NjQ3MzkzNzksImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzOTM4MzIyMjQ5NDc5OTE1IiwiZG9tYWluX2lkIjoiMTc2NTI3IiwidW5pdCI6ImRpdi1ncHQtYWQtZmlsZXNhbXBsZXNfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjU0MTIyMzYwLCJhZF9wb3NpdGlvbiI6MTEyMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkdCIiwicGFnZXZpZXdfaWQiOiIwYjY4MzQwNi04M2I5LTRiMWMtNDExYi03YTIzY2EwZTg1ZDQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ3NjQ3MzkzNzksImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzkzODMyMjI0OTQ3OTkxNSIsImRvbWFpbl9pZCI6IjE3NjUyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWZpbGVzYW1wbGVzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY1NDEyMjM2MCwiYWRfcG9zaXRpb24iOjExMjEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiMGI2ODM0MDYtODNiOS00YjFjLTQxMWItN2EyM2NhMGU4NWQ0IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0NzY0NzM5Mzc5LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiI0NzY0NzM5Mzc5In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: filesamples.com
URL: https://filesamples.com/detroitchicago/memphis.js?gcb=195-2&cb=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:06 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://filesamples.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Tue, 31 May 2022 22:26:03 GMT
4764739379
go.ezodn.com/dac/ 		0
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/dac/4764739379
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/banger.js?cb=195-2&bv=116&v=58&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:06 GMT
cf-cache-status
MISS
last-modified
Wed, 01 Jun 2022 22:26:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGgkNZWeh%2BMP%2BNYuo3ixm4WSDn%2FRWpaSYoXMnTlOKpt%2FvRX%2BKtyhSTKdq%2BbTMid3D%2FwTIbjBYTsdO5MBTDIshB1miOxglasg2XjrGUSRfQHowAXb%2BwZWroraBzWtUCN8fT2f35ww5Hy0OgI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
714b5e7658b1f933-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
army.gif
g.ezoic.net/porpoiseant/ 		0
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzkzODMyMjI0OTQ3OTkxNSIsImRvbWFpbl9pZCI6IjE3NjUyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWZpbGVzYW1wbGVzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY1NDEyMjM2MCwiYWRfcG9zaXRpb24iOjExMjEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiMGI2ODM0MDYtODNiOS00YjFjLTQxMWItN2EyM2NhMGU4NWQ0IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0NzY0NzM5Mzc5LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMi0wNi0wMSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjMifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: filesamples.com
URL: https://filesamples.com/detroitchicago/memphis.js?gcb=195-2&cb=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:06 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://filesamples.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Tue, 31 May 2022 22:26:05 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzkzODMyMjI0OTQ3OTkxNSIsImRvbWFpbl9pZCI6IjE3NjUyNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWZpbGVzYW1wbGVzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY1NDEyMjM2MCwiYXVjdGlvbl9lcG9jaCI6MTY1NDEyMjM2NiwiYWRfcG9zaXRpb24iOjExMjEsImNvdW50cnlfY29kZSI6IkdCIiwicGFnZXZpZXdfaWQiOiIwYjY4MzQwNi04M2I5LTRiMWMtNDExYi03YTIzY2EwZTg1ZDQiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NjAwLCJiaWRfZmxvb3JfcHJldiI6MzAwLCJiaWRfZmxvb3JfZmlsbGVkIjoxNjAsImF1Y3Rpb25fY291bnQiOjMsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjMyMCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MjE3MzIxMTg5MTQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDc2NDczOTM3OX1d
Requested by
Host: filesamples.com
URL: https://filesamples.com/detroitchicago/memphis.js?gcb=195-2&cb=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:06 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://filesamples.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Tue, 31 May 2022 22:26:05 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F23B 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYzY6AvwEwAQ&v=APEucNXfgaiGWRtpfVElIlmnwTf7miAoJb1z7uNAnAQMd-oF-EQQUUkQgBi2HTZZ727PKG9Wnm6rWViRBtihUGl2tle_tbcqK1IZ2CfF_zmo__DbSlaHXQ3eAoRMHhE8UIM1bcxf8eZDdDuA3kLTSzZ9NEE3KhYHZjUDIpNwyHdu74U-Hx0A-uR2I2d24k2c0646SGepodG-fmw_uNU0-z1NpfvueVHqPg
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 22:26:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame EA24 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Al1WGxAjuhFpy1vHffv1Nw3nWlYmyzvJbiIpYh-nEjkXeem4PPEVABnSkXwqorNaNZULzjtoXZPg8k4GyJH-feGB2hnQ&cry=1&dbm_d=AKAmf-DT66ausCSOGi9wBIDk2mdI-k7Hf75wh6mU0EupHAeEy0m7rozQVstA2AYQbuF-eGp6RgVwZQ210ZFhh8xGTWrlrlhRDam56BDx_2S8oIi5bmSwCF4bg9AXdrJD5SYbShrSYxcXDc_F8nJJvDKuJUT7oGc_YYWGTpYcBU5Qbdijfcmvd2jdCwqERaIEIaEhQrcT7eM5Bz1zr1bJxeJBqcb25nZ3GwxVS3s_xAAAH198fDd_halg8-PJ2OveuDgkiHRvQS-xasysqXb-3jS4y9icmrAJbxD4UDZx7JL3fyUFQha2hoTLjCvCqpNLfXDXSR0sG8zPjY4XofCyfnQ1InxqTsxxI20DR6T0QBaPK9sj569QAm4NDnLMV8Kjcqu23sbWdgP7fikvoDDMvLSCheZxkoTvppetpqD3wGPhg-3EEKoHMq4ap1zKZakGL7O0ZkBYtunW8akdb1ImcOlg24yArxbn0Gu9TjT6cqzo6ncee6S-DqMrOSiEQ6LtiapHxzPAsITfQoGUHg-HMLgSkcWgp0ZIuH7wps47lCa2yhmoKrMfhWe0x87i010isrUOlCp1DJGHlrDkcqI_RQ4BJhV2QacKWLqDTmK186Z9VAPOft7upbYdnV68datWtsD6L9whz2im55rAder3Ymxnd7zpK4eXtynqESFDkKS-HGEpiXqSnXRoDf_aiG-u1jF5F84h9_ecFAivMfUgwFW2dD9PdmASnc3OGdf8p6i14ldRq09RiQhAMz7TMDV7IKZQzg7hosZGFL2Qiul0mGsxoafYZBwrUJWRLS04Pt16pZjTclYsoCPW4db3FZV4lP6CaZVKBH80buKf5G1UMqDcOdyf09kFdhTuyWHKxvVY4fQtiHFAnPIqEpJeztMn4Gg0b0oEg2lUjfCqahqmAEIM4EOa39ridOrv0MTGc0UgYNj99n5Mwi-YtNGIlE-fpGQgQ_K70ql2tw_BhmYzpNbaSznvjoU4JHH2aVQj3A-mxLDLq-aKcc_G44Y2vTGhcwYRJGsJlIA6WXs7ReHKzsjeYnpW7BLGQiR6K6b_9yhojPQbXmllaG86LzYiSEoXOKdtWFTHnEcSxaEut97aw732KnMgColNk7LTTomCqEEHsnrdE2hVhD3qf874UozPmN8e9L9_ptcZuL7kJhX1G2k51CCpY3HEV63Z4v9ZvHI70fW7bqqGp310aWeJdmlNflFxMwcy9D72JJq7BXy-GGacFPARLUIm1cz_tx31fsqao28dzxXgJXv7dmLWhq798FMY-Rrj-UlCFbeWfdcUmv5L6_M8AcbHOA0mwoH7ArWE7nOaFgDqawn8lM2cwLsOVaOabIBaMGmL2j1uj6UPlF02JHl_S7PS35jSZ7at12L83Rsx9nCTCgYiGJaNv0q4KTbP8zfVSHsfsXbUqAePpJ_yOWtec_T9uZzCSTHgXxap-9Cb3v8JImU_S1J4oNCNs8zkIj0qn2SAl7vTqiSGM6CeIv68aRKHlj0Y2ybpF8iX4YtMCFj-C3F5E16dAL56f5LHCITTM5tosH332Wzz-4FzW2WBELK1SIYX5rqGnfoFMqNdNvQ30GNbdSI1g7qFp23STZgxIIHycBEGuuRiLyj8sj25gTJRxWFUNyLVkb5Cf5W3rOrOqYfwkqXuxqFfq8ybX_OdPw7MtGCGZf24hBdiHloRoH1MoxrACZwqvTy0MiyT_SgxjQRixw8De-X2FvOgk4CYBSz8-W3_eO4WMAhpjGxRCHRKgesCZFz--5FU5rDI2L7C99hxCzGiiw9tX6c55_sm5_M1aTl_HhP65bcfqW4xDJjIgkYtUcNFXrATP8aS7ZyOhhQiqk_iGi-WFjeUaNSU2ENMwzSa1YRZi9IY9N3KuyyNq2GdJXKxUFB6NtSuHWqUpAe6oospEOHxVWP1D9UZu-uTzrpEque07Nix5VeO-DDOX1Fb2t4AMlKtnbE0PMn5g7pP7KTR9_IHWHJU8Y5YxG1zR0y_DOYdYSPW5Ey5n9yVn2GXnkYbDwiPafZvhGWQyteHtdstNhQhmwzczmHGH485GhHaNgESmIR6Fra-qWOy9YbDCj_GPu_-HkjqZePvbbl_cZb0YrIz66vDmd5-sAQYMi00AzexYpgwZpSEHo5jWqHA6y_082KGfoNXIh9IGKDeXgF_SPThCCxYFWPg8ElB6udpWbTEqWQbPX9wVJc3-147_ioWm6xcjJJfpH1QaDZavpkmz-8_lv2sJ66un2a2enNaerm1J7f8OKqyxmHLc5AUd5TdS-Rr7wRODzRnIE7PlK6VOQ3AZSTORTjDysspupgVawHqWPO7FwsYJWF1NCUEkG1WYBCyez3Dx6Id5bI2_XLKaZq-Tm5squ5CSoArKgsXkn8vDPfoDQFERezCH5_Rm3IVGU1x-eBd8o_psaXEkM3s8c_EJAP3D0EtpezFt5atxqcZIU-0vClugoIVUVMCH-HQXz6a61fYZRLWgb3ZZ1Q7uzKlkZoMTtTJMUX7vfzXrwJC7RFfPQbdvtUrpL5eAbxmczH5iaNVO4D_UVUVxndmtMPBT_7fgLo3JaTDIphemBaxbOq9visz0IW4ItziMCKnH6krTPafSAO66g1Dh7R9on_CcHfhPJFH4bMhpbWIReBjGdWxW5ywGff2xTCYxKCBf5JQZg7Lc1qu4CecrjPnGEMo8QgjCGLzE4XjqIMEtKQhB2qwCZ255DSzi27WEJj_wflLC71JdxDnMmqkBEu_F0qIU-del5aeMyrFyzw9hYTutXSWLCq_mVcIwAXDMij7oX-_BlbURv2kiwFtRBU8RFfm4hrUe2eh31tCosWLfEBm2xfa_tXC7Rr1Pjz7u5Z_r9u23AIzW2wzX1dgtmrmumj4oPugu_x8Z6_qJxEdJ6TirHa3YDop6gelcxPyuN6rSxCFobhv1DppQ1jmRdSO8SyZ3owdwKQwR79BvD2cRmk41OIMcPrzE85SlC8RErwWwNg4TlzJf215ta-xy-g3HS3fC7DAiF6xffLKMvA9J_Q-K_sEMOXR3T_sYsZfxH505rGC6fsAi9Nrd3NaX1-QS2zMgAfhSkECyAw3RU_XD-BSuXgZ9Z9orcfOMmheDhprdHmum1Ler1vlsAifvBrj6gRRLud8s5CATYttY4t-I76u-R2MuxV3I0tM2ALzu_LXLOg6bQUQNR3mjlWD4v9vliT98Oj6yqrTV32oyoeebZZkyY50aMo4TSWi5AHeDgmAp78-vQd6riae_wYGt-dFtt0IHjyCiEIJzupVoWEVt6Mu9qN2C08tawvsXw&cid=CAASJORo_tbV1TZ6GcZ9ybYILwX_DOTsgpRRkyCLUoGkL-bXs13DGQ&rfl=1%2Chttps%253A%252F%252Ffilesamples.com%252F%240
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d93d63cbc86571ea044b46ca00719d3b5af53ed5bd33abe5ed2a9a95ffcc3bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33451
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA24 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0BDHqDqV9pOD3q_sMkBh-fLVKx2iM4r9G7u6VC7wdOtZNMDf_jn_1wG_bJyJyo67KXk4D-wlPliMvDXiz9N8LBjHsMRc2HN1JvvU6rQk6DVBZtmk
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame EA24 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/window_focus_fy2019.js
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Jun 2022 22:18:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA24 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 22:26:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame EA24 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Jun 2022 22:06:43 GMT
l
www.google.com/ads/measurement/ Frame EA24 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPkfaU1KF_W4I1llq0RA7fIbytXIIdPTsplQiSY2rOjyCkTorCLUuRq8GnVFTmIjqjYUsjpTRyyKNvm5ccZvEkLJWAOA
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 950E 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Jun 2022 22:26:06 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
10606ba8-1a6b-45de-b7be-a454bcfbc9cc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=filesamples.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filesamples.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://filesamples.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Jun 2022 22:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		0
0
rum
dsum-sec.casalemedia.com/ Frame F23B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEF8avARainHieiVzgB0lfI&google_cver=1
0
0
rrum
dsum-sec.casalemedia.com/ Frame F23B 		0
0
setuid
ib.adnxs.com/ Frame F23B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL0sszhrNOiujsHkX4H2tF8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEL0sszhrNOiujsHkX4H2tF8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYzY6AvwEwAQ&v=APEucNXfgaiGWRtpfVElIlmnwTf7miAoJb1z7uNAnAQMd-oF-EQQUUkQgBi2HTZZ727PKG9Wnm6rWViRBtihUGl2tle_tbcqK1IZ2CfF_zmo__DbSlaHXQ3eAoRMHhE8UIM1bcxf8eZDdDuA3kLTSzZ9NEE3KhYHZjUDIpNwyHdu74U-Hx0A-uR2I2d24k2c0646SGepodG-fmw_uNU0-z1NpfvueVHqPg
Protocol
HTTP/1.1
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Jun 2022 22:26:06 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d8d8bad1-df4b-474f-b8f2-ac60ccb5a131
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEL0sszhrNOiujsHkX4H2tF8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F23B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwNTgyNjQwMjEyNTcwNTEwNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwNTgyNjQwMjEyNTcwNTEwNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYzY6AvwEwAQ&v=APEucNXfgaiGWRtpfVElIlmnwTf7miAoJb1z7uNAnAQMd-oF-EQQUUkQgBi2HTZZ727PKG9Wnm6rWViRBtihUGl2tle_tbcqK1IZ2CfF_zmo__DbSlaHXQ3eAoRMHhE8UIM1bcxf8eZDdDuA3kLTSzZ9NEE3KhYHZjUDIpNwyHdu74U-Hx0A-uR2I2d24k2c0646SGepodG-fmw_uNU0-z1NpfvueVHqPg
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 22:26:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Jun 2022 22:26:06 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
13efa2e5-738b-4a18-8e75-7853e4459f47
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwNTgyNjQwMjEyNTcwNTEwNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame EA24 		106 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: filesamples.com
URL: https://filesamples.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
Origin
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 08:43:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49340
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Jun 2022 08:43:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/ Frame EA24 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Al1WGxAjuhFpy1vHffv1Nw3nWlYmyzvJbiIpYh-nEjkXeem4PPEVABnSkXwqorNaNZULzjtoXZPg8k4GyJH-feGB2hnQ&cry=1&dbm_d=AKAmf-DT66ausCSOGi9wBIDk2mdI-k7Hf75wh6mU0EupHAeEy0m7rozQVstA2AYQbuF-eGp6RgVwZQ210ZFhh8xGTWrlrlhRDam56BDx_2S8oIi5bmSwCF4bg9AXdrJD5SYbShrSYxcXDc_F8nJJvDKuJUT7oGc_YYWGTpYcBU5Qbdijfcmvd2jdCwqERaIEIaEhQrcT7eM5Bz1zr1bJxeJBqcb25nZ3GwxVS3s_xAAAH198fDd_halg8-PJ2OveuDgkiHRvQS-xasysqXb-3jS4y9icmrAJbxD4UDZx7JL3fyUFQha2hoTLjCvCqpNLfXDXSR0sG8zPjY4XofCyfnQ1InxqTsxxI20DR6T0QBaPK9sj569QAm4NDnLMV8Kjcqu23sbWdgP7fikvoDDMvLSCheZxkoTvppetpqD3wGPhg-3EEKoHMq4ap1zKZakGL7O0ZkBYtunW8akdb1ImcOlg24yArxbn0Gu9TjT6cqzo6ncee6S-DqMrOSiEQ6LtiapHxzPAsITfQoGUHg-HMLgSkcWgp0ZIuH7wps47lCa2yhmoKrMfhWe0x87i010isrUOlCp1DJGHlrDkcqI_RQ4BJhV2QacKWLqDTmK186Z9VAPOft7upbYdnV68datWtsD6L9whz2im55rAder3Ymxnd7zpK4eXtynqESFDkKS-HGEpiXqSnXRoDf_aiG-u1jF5F84h9_ecFAivMfUgwFW2dD9PdmASnc3OGdf8p6i14ldRq09RiQhAMz7TMDV7IKZQzg7hosZGFL2Qiul0mGsxoafYZBwrUJWRLS04Pt16pZjTclYsoCPW4db3FZV4lP6CaZVKBH80buKf5G1UMqDcOdyf09kFdhTuyWHKxvVY4fQtiHFAnPIqEpJeztMn4Gg0b0oEg2lUjfCqahqmAEIM4EOa39ridOrv0MTGc0UgYNj99n5Mwi-YtNGIlE-fpGQgQ_K70ql2tw_BhmYzpNbaSznvjoU4JHH2aVQj3A-mxLDLq-aKcc_G44Y2vTGhcwYRJGsJlIA6WXs7ReHKzsjeYnpW7BLGQiR6K6b_9yhojPQbXmllaG86LzYiSEoXOKdtWFTHnEcSxaEut97aw732KnMgColNk7LTTomCqEEHsnrdE2hVhD3qf874UozPmN8e9L9_ptcZuL7kJhX1G2k51CCpY3HEV63Z4v9ZvHI70fW7bqqGp310aWeJdmlNflFxMwcy9D72JJq7BXy-GGacFPARLUIm1cz_tx31fsqao28dzxXgJXv7dmLWhq798FMY-Rrj-UlCFbeWfdcUmv5L6_M8AcbHOA0mwoH7ArWE7nOaFgDqawn8lM2cwLsOVaOabIBaMGmL2j1uj6UPlF02JHl_S7PS35jSZ7at12L83Rsx9nCTCgYiGJaNv0q4KTbP8zfVSHsfsXbUqAePpJ_yOWtec_T9uZzCSTHgXxap-9Cb3v8JImU_S1J4oNCNs8zkIj0qn2SAl7vTqiSGM6CeIv68aRKHlj0Y2ybpF8iX4YtMCFj-C3F5E16dAL56f5LHCITTM5tosH332Wzz-4FzW2WBELK1SIYX5rqGnfoFMqNdNvQ30GNbdSI1g7qFp23STZgxIIHycBEGuuRiLyj8sj25gTJRxWFUNyLVkb5Cf5W3rOrOqYfwkqXuxqFfq8ybX_OdPw7MtGCGZf24hBdiHloRoH1MoxrACZwqvTy0MiyT_SgxjQRixw8De-X2FvOgk4CYBSz8-W3_eO4WMAhpjGxRCHRKgesCZFz--5FU5rDI2L7C99hxCzGiiw9tX6c55_sm5_M1aTl_HhP65bcfqW4xDJjIgkYtUcNFXrATP8aS7ZyOhhQiqk_iGi-WFjeUaNSU2ENMwzSa1YRZi9IY9N3KuyyNq2GdJXKxUFB6NtSuHWqUpAe6oospEOHxVWP1D9UZu-uTzrpEque07Nix5VeO-DDOX1Fb2t4AMlKtnbE0PMn5g7pP7KTR9_IHWHJU8Y5YxG1zR0y_DOYdYSPW5Ey5n9yVn2GXnkYbDwiPafZvhGWQyteHtdstNhQhmwzczmHGH485GhHaNgESmIR6Fra-qWOy9YbDCj_GPu_-HkjqZePvbbl_cZb0YrIz66vDmd5-sAQYMi00AzexYpgwZpSEHo5jWqHA6y_082KGfoNXIh9IGKDeXgF_SPThCCxYFWPg8ElB6udpWbTEqWQbPX9wVJc3-147_ioWm6xcjJJfpH1QaDZavpkmz-8_lv2sJ66un2a2enNaerm1J7f8OKqyxmHLc5AUd5TdS-Rr7wRODzRnIE7PlK6VOQ3AZSTORTjDysspupgVawHqWPO7FwsYJWF1NCUEkG1WYBCyez3Dx6Id5bI2_XLKaZq-Tm5squ5CSoArKgsXkn8vDPfoDQFERezCH5_Rm3IVGU1x-eBd8o_psaXEkM3s8c_EJAP3D0EtpezFt5atxqcZIU-0vClugoIVUVMCH-HQXz6a61fYZRLWgb3ZZ1Q7uzKlkZoMTtTJMUX7vfzXrwJC7RFfPQbdvtUrpL5eAbxmczH5iaNVO4D_UVUVxndmtMPBT_7fgLo3JaTDIphemBaxbOq9visz0IW4ItziMCKnH6krTPafSAO66g1Dh7R9on_CcHfhPJFH4bMhpbWIReBjGdWxW5ywGff2xTCYxKCBf5JQZg7Lc1qu4CecrjPnGEMo8QgjCGLzE4XjqIMEtKQhB2qwCZ255DSzi27WEJj_wflLC71JdxDnMmqkBEu_F0qIU-del5aeMyrFyzw9hYTutXSWLCq_mVcIwAXDMij7oX-_BlbURv2kiwFtRBU8RFfm4hrUe2eh31tCosWLfEBm2xfa_tXC7Rr1Pjz7u5Z_r9u23AIzW2wzX1dgtmrmumj4oPugu_x8Z6_qJxEdJ6TirHa3YDop6gelcxPyuN6rSxCFobhv1DppQ1jmRdSO8SyZ3owdwKQwR79BvD2cRmk41OIMcPrzE85SlC8RErwWwNg4TlzJf215ta-xy-g3HS3fC7DAiF6xffLKMvA9J_Q-K_sEMOXR3T_sYsZfxH505rGC6fsAi9Nrd3NaX1-QS2zMgAfhSkECyAw3RU_XD-BSuXgZ9Z9orcfOMmheDhprdHmum1Ler1vlsAifvBrj6gRRLud8s5CATYttY4t-I76u-R2MuxV3I0tM2ALzu_LXLOg6bQUQNR3mjlWD4v9vliT98Oj6yqrTV32oyoeebZZkyY50aMo4TSWi5AHeDgmAp78-vQd6riae_wYGt-dFtt0IHjyCiEIJzupVoWEVt6Mu9qN2C08tawvsXw&cid=CAASJORo_tbV1TZ6GcZ9ybYILwX_DOTsgpRRkyCLUoGkL-bXs13DGQ&rfl=1%2Chttps%253A%252F%252Ffilesamples.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
559
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Jun 2022 22:16:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/ Frame EA24 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Al1WGxAjuhFpy1vHffv1Nw3nWlYmyzvJbiIpYh-nEjkXeem4PPEVABnSkXwqorNaNZULzjtoXZPg8k4GyJH-feGB2hnQ&cry=1&dbm_d=AKAmf-DT66ausCSOGi9wBIDk2mdI-k7Hf75wh6mU0EupHAeEy0m7rozQVstA2AYQbuF-eGp6RgVwZQ210ZFhh8xGTWrlrlhRDam56BDx_2S8oIi5bmSwCF4bg9AXdrJD5SYbShrSYxcXDc_F8nJJvDKuJUT7oGc_YYWGTpYcBU5Qbdijfcmvd2jdCwqERaIEIaEhQrcT7eM5Bz1zr1bJxeJBqcb25nZ3GwxVS3s_xAAAH198fDd_halg8-PJ2OveuDgkiHRvQS-xasysqXb-3jS4y9icmrAJbxD4UDZx7JL3fyUFQha2hoTLjCvCqpNLfXDXSR0sG8zPjY4XofCyfnQ1InxqTsxxI20DR6T0QBaPK9sj569QAm4NDnLMV8Kjcqu23sbWdgP7fikvoDDMvLSCheZxkoTvppetpqD3wGPhg-3EEKoHMq4ap1zKZakGL7O0ZkBYtunW8akdb1ImcOlg24yArxbn0Gu9TjT6cqzo6ncee6S-DqMrOSiEQ6LtiapHxzPAsITfQoGUHg-HMLgSkcWgp0ZIuH7wps47lCa2yhmoKrMfhWe0x87i010isrUOlCp1DJGHlrDkcqI_RQ4BJhV2QacKWLqDTmK186Z9VAPOft7upbYdnV68datWtsD6L9whz2im55rAder3Ymxnd7zpK4eXtynqESFDkKS-HGEpiXqSnXRoDf_aiG-u1jF5F84h9_ecFAivMfUgwFW2dD9PdmASnc3OGdf8p6i14ldRq09RiQhAMz7TMDV7IKZQzg7hosZGFL2Qiul0mGsxoafYZBwrUJWRLS04Pt16pZjTclYsoCPW4db3FZV4lP6CaZVKBH80buKf5G1UMqDcOdyf09kFdhTuyWHKxvVY4fQtiHFAnPIqEpJeztMn4Gg0b0oEg2lUjfCqahqmAEIM4EOa39ridOrv0MTGc0UgYNj99n5Mwi-YtNGIlE-fpGQgQ_K70ql2tw_BhmYzpNbaSznvjoU4JHH2aVQj3A-mxLDLq-aKcc_G44Y2vTGhcwYRJGsJlIA6WXs7ReHKzsjeYnpW7BLGQiR6K6b_9yhojPQbXmllaG86LzYiSEoXOKdtWFTHnEcSxaEut97aw732KnMgColNk7LTTomCqEEHsnrdE2hVhD3qf874UozPmN8e9L9_ptcZuL7kJhX1G2k51CCpY3HEV63Z4v9ZvHI70fW7bqqGp310aWeJdmlNflFxMwcy9D72JJq7BXy-GGacFPARLUIm1cz_tx31fsqao28dzxXgJXv7dmLWhq798FMY-Rrj-UlCFbeWfdcUmv5L6_M8AcbHOA0mwoH7ArWE7nOaFgDqawn8lM2cwLsOVaOabIBaMGmL2j1uj6UPlF02JHl_S7PS35jSZ7at12L83Rsx9nCTCgYiGJaNv0q4KTbP8zfVSHsfsXbUqAePpJ_yOWtec_T9uZzCSTHgXxap-9Cb3v8JImU_S1J4oNCNs8zkIj0qn2SAl7vTqiSGM6CeIv68aRKHlj0Y2ybpF8iX4YtMCFj-C3F5E16dAL56f5LHCITTM5tosH332Wzz-4FzW2WBELK1SIYX5rqGnfoFMqNdNvQ30GNbdSI1g7qFp23STZgxIIHycBEGuuRiLyj8sj25gTJRxWFUNyLVkb5Cf5W3rOrOqYfwkqXuxqFfq8ybX_OdPw7MtGCGZf24hBdiHloRoH1MoxrACZwqvTy0MiyT_SgxjQRixw8De-X2FvOgk4CYBSz8-W3_eO4WMAhpjGxRCHRKgesCZFz--5FU5rDI2L7C99hxCzGiiw9tX6c55_sm5_M1aTl_HhP65bcfqW4xDJjIgkYtUcNFXrATP8aS7ZyOhhQiqk_iGi-WFjeUaNSU2ENMwzSa1YRZi9IY9N3KuyyNq2GdJXKxUFB6NtSuHWqUpAe6oospEOHxVWP1D9UZu-uTzrpEque07Nix5VeO-DDOX1Fb2t4AMlKtnbE0PMn5g7pP7KTR9_IHWHJU8Y5YxG1zR0y_DOYdYSPW5Ey5n9yVn2GXnkYbDwiPafZvhGWQyteHtdstNhQhmwzczmHGH485GhHaNgESmIR6Fra-qWOy9YbDCj_GPu_-HkjqZePvbbl_cZb0YrIz66vDmd5-sAQYMi00AzexYpgwZpSEHo5jWqHA6y_082KGfoNXIh9IGKDeXgF_SPThCCxYFWPg8ElB6udpWbTEqWQbPX9wVJc3-147_ioWm6xcjJJfpH1QaDZavpkmz-8_lv2sJ66un2a2enNaerm1J7f8OKqyxmHLc5AUd5TdS-Rr7wRODzRnIE7PlK6VOQ3AZSTORTjDysspupgVawHqWPO7FwsYJWF1NCUEkG1WYBCyez3Dx6Id5bI2_XLKaZq-Tm5squ5CSoArKgsXkn8vDPfoDQFERezCH5_Rm3IVGU1x-eBd8o_psaXEkM3s8c_EJAP3D0EtpezFt5atxqcZIU-0vClugoIVUVMCH-HQXz6a61fYZRLWgb3ZZ1Q7uzKlkZoMTtTJMUX7vfzXrwJC7RFfPQbdvtUrpL5eAbxmczH5iaNVO4D_UVUVxndmtMPBT_7fgLo3JaTDIphemBaxbOq9visz0IW4ItziMCKnH6krTPafSAO66g1Dh7R9on_CcHfhPJFH4bMhpbWIReBjGdWxW5ywGff2xTCYxKCBf5JQZg7Lc1qu4CecrjPnGEMo8QgjCGLzE4XjqIMEtKQhB2qwCZ255DSzi27WEJj_wflLC71JdxDnMmqkBEu_F0qIU-del5aeMyrFyzw9hYTutXSWLCq_mVcIwAXDMij7oX-_BlbURv2kiwFtRBU8RFfm4hrUe2eh31tCosWLfEBm2xfa_tXC7Rr1Pjz7u5Z_r9u23AIzW2wzX1dgtmrmumj4oPugu_x8Z6_qJxEdJ6TirHa3YDop6gelcxPyuN6rSxCFobhv1DppQ1jmRdSO8SyZ3owdwKQwR79BvD2cRmk41OIMcPrzE85SlC8RErwWwNg4TlzJf215ta-xy-g3HS3fC7DAiF6xffLKMvA9J_Q-K_sEMOXR3T_sYsZfxH505rGC6fsAi9Nrd3NaX1-QS2zMgAfhSkECyAw3RU_XD-BSuXgZ9Z9orcfOMmheDhprdHmum1Ler1vlsAifvBrj6gRRLud8s5CATYttY4t-I76u-R2MuxV3I0tM2ALzu_LXLOg6bQUQNR3mjlWD4v9vliT98Oj6yqrTV32oyoeebZZkyY50aMo4TSWi5AHeDgmAp78-vQd6riae_wYGt-dFtt0IHjyCiEIJzupVoWEVt6Mu9qN2C08tawvsXw&cid=CAASJORo_tbV1TZ6GcZ9ybYILwX_DOTsgpRRkyCLUoGkL-bXs13DGQ&rfl=1%2Chttps%253A%252F%252Ffilesamples.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75782eed76b2c74403b9ef1a9c9f02bf5d868730365942b745755fc1dfa2b362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 22:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10539
x-xss-protection
0
server
cafe
etag
1532328290632562463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Jun 2022 22:21:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EA24 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 12:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 12:04:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D492 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
URL: https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
59542
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 02 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EA24 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99ed39018bc88e0a5844f3e35f1c166da9e1b11a16cb28840ef6fb8c0a08ba08

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 96EB 		22 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
123707
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 12:04:19 GMT
expires
Wed, 31 May 2023 12:04:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
google
match.adsrvr.org/track/cmf/ Frame D492 		0
0
sync
x.bidswitch.net/ Frame D492 		0
0
sync
dsp.adkernel.com/ Frame D492 		0
0
sync
rtb2-useast.e-volution.ai/ Frame D492 		0
0
cm
a.rfihub.com/ Frame D492 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame D492 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
demo.connatix.com
URL
https://demo.connatix.com/Automation/Feeds/Twix.xml
Domain
demo.connatix.com
URL
https://demo.connatix.com/Automation/Feeds/Twix.xml
Domain
demo.connatix.com
URL
https://demo.connatix.com/Automation/Feeds/Twix.xml
Domain
demo.connatix.com
URL
https://demo.connatix.com/Automation/Feeds/Twix.xml
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESENubBKs4Ls5k-HrK_0u5AnI&google_cver=1&google_push=AYg5qPLROufttNZFl2U7yNDsxRjqbZJwr8W8Wr5ji54FBX6aMcY4nRoXxUg9bd5DPA-fUVW6tMFNahSPfvNS4jEICGiQn7ALI4Sa
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3281478612038668457
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7104401465567672472
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=7uuAVPiyTFl5JzezVVusB9mKxGk
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YpfnfgAFwr7OYgAo&gdpr=0&gdpr_consent=&_test=YpfnfgAFwr7OYgAo
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Domain
s.tribalfusion.com
URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
matching.truffle.bid
URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Domain
loada.exelator.com
URL
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DHHt10NrrgjTXTWMXRXVnRUaM
Domain
match.taboola.com
URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=307da0ad-64fa-4e88-9948-6ee385607b41-tuct9916cfe&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHxwh-VkYQxWsSZw_o_-3bE&google_cver=1
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2515579688149388883
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1305826402125705105&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bO2y6D_ovLp35u7pbL6muzzu7e13u-3naO8H4YD4
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xvvdOYtE2uVCQc0SLs8yztLxlHmz8fA-~A&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3186348006765209032&gdpr=0&gdpr_consent=&us_privacy=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:47e27b2e-c894-46a6-8c88-2e43460ee3c8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171654112646377&correlator=4024442745387760&eid=31067773%2C31061167%2C31065401&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21732118914%3A22573772600%2Cfilesamples_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=9&adks=540251406&sfv=1-0-38&ecs=20220601&ris=1&rcs=3&fsapi=false&prev_scp=a%3D%257C3%257C%26iid1%3D8487947841494820%26eid%3D8487947841494820%26t%3D134%26d%3D176527%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod96%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dfilesamples_com-medrectangle-2-8487947841494820%26eb_br%3Dc6ffcfdd3dd19ac09fbf0cb03baa3e4b%2C8c5ffefb122f59a66a8b7672d4452af2%26eba%3D1%26ebss%3D10061%2C11304%2C11307%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D36%26br2%3D220%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C16%2C28%2C67%2C45%2C0%2C66%2C20%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2339%2C3054%2C774%2C20%2C2310%2C2526%2C2527%2C2763%2C2764%2C2765%2C3154%2C17%2C20%2C2310%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3154%2C835%2C17%2C19%2C20%2C2310%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3053%2C3154%2C835%26hb_bidder%3Dmedianet%26hb_adid%3D406c4418df8bf4f%26hb_pb%3D0.02%26hb_format%3Dbanner%26hb_ssid%3D11307%26hb_opt%3D0.02%26hb_rt%3Dclient%26lb%3D120%26reqt%3D1654122366622&eri=1&sc=1&cookie=ID%3D65ada3f94c60f67d%3AT%3D1654122361%3AS%3DALNI_MbUvPjXHESVhkykSQ7zxXm99zqJCg&abxe=1&dt=1654122366632&lmt=1654122366&dlt=1654122360128&idt=1148&biw=1600&bih=1200&adxs=436&adys=1110&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ffilesamples.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&fws=512&ohw=0&ga_vid=110614979.1654122361&ga_sid=1654122361&ga_hid=55930572&ga_fc=true&btvi=0
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEF8avARainHieiVzgB0lfI&google_cver=1
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEK1BDGPuRMjz0qezC8oUdJM&google_cver=1&google_push=AYg5qPIDna8Sn78JbBRTddvN96Gpuwr6W3Xe58HTkd7LsnsWwy7PJyaSfCXTXGDgO05QPeN17oZS8Fvbh3TbSkGjMJDeyNhvHaA
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJP5yvNqkKpzlBuxsRsou4o&google_cver=1&google_push=AYg5qPJO8AuImzUXavuTO64B6tswic0csQEd25EryGrTGxPlBrADi3La5_ZPjj0WPEHEWTB0sSzPPb0wgfX8GxgYBEj7OUK4upQS
Domain
dsp.adkernel.com
URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEK3xgAN2a3uvU5z8Y2scQV4&google_cver=1&google_push=AYg5qPIgTdEsr9YYRT3-7qU84mah8hICN2oh36t2ZmXF1aFZw5xHZsD5y9APIvSx059DguEfvUTgOpvYpagTGbQTm-n4Q8fuxWs
Domain
rtb2-useast.e-volution.ai
URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESECkfCTMReC1awsYcWwp71A0&google_cver=1&google_push=AYg5qPKMCbsFC8WV0fBjK07XEDViNXzFjOvsxKbKkJkv2_f0Ez3baO-0yVo2AEdPISpp2-aOsu3Ula9HMokkMYSnJStaSCkvQ6_XEw
Domain
a.rfihub.com
URL
https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEPtcUWRzdt-A5UijMqE0HxU&google_cver=1&google_push=AYg5qPKOnxbLkLRx7aUuMaAc2vfAmq-pl7WN0msF63HjFso6WowN4d_UNLNZqHoGNOUSCL-hv0B684SpaX98uWXR_abq1A_r9vhz
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lin8dTRapdM7IrySenoW7uH62_p4ccpFmWLXo77pP6CobNTOtiz6v-SeQpRA

Verdicts & Comments Add Verdict or Comment

263 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| __ez function| runEzoicStandaloneForAll object| ezstandaloneForAll number| ezSafaTimeCreated function| gtag object| dataLayer string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable boolean| cmpIsOn function| jQuery function| $ undefined| __ez_dims boolean| ezCanEngagePage object| cmpCookies object| __ezCmpConfig object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| __ezDotData function| ezocfol number| netStartTime function| hashCode function| ezogetrqbykey function| ezorqs function| ezorqe function| _fEzDt function| ES6Promise function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst function| setImmediate function| clearImmediate object| nunjucksPrecompiled object| ezCMP object| __ezcl object| text number| indexKey number| ezodomstart number| ezoIint function| _ez_TOS_TrackEvent number| ez_tos_track_count number| ez_last_activity_count function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| ct object| ezdent object| ezDenty object| ezmt object| ezua object| ezuxgoals object| _ezfd object| gaplugins object| gaGlobal object| gaData object| metricNameMap function| ezlogVital object| webVitals function| initEzux object| riveted string| ezStandaloneDefine string| ezStandaloneDisplay object| ezSelectedPlaceholders string| ezStandaloneCookies boolean| _ez_sa function| ez_isclean object| ezSlotKVStore function| ezSetSlotTargeting function| ezGetSlotById function| ezSetTargetingFromMap object| ez_queue function| sort_queue function| execute_ez_queue function| ez_write_tag function| in_array object| ezrpos undefined| ez_current_interval number| ez_current_load function| __ez_fad_load boolean| __ez_fad_floatshowd function| __ez_fad_floatshow object| __ez_fad_initslot object| __ez_fad_fastd object| __ez_fad_fastdiv object| __ez_fad_fastslots object| __ez_fad_viewslots object| __ez_fad_instaslots object| ezslit_run object| __ez_fad_divs object| __ez_fad_divsd number| __ez_fad_vw number| __ez_fad_vh number| __ez_fad_count function| __ez_fad_invisible function| __ez_fad_position function| __ez_fad_add function| __ez_fad_fast function| __ez_fad_csnt boolean| __ez_fad_haspo function| __ez_fad_rdy function| __ez_fad_docht function| __ez_fad_vpht function| __ez_close_anchor function| __ez_set_cnx_floor function| __ez_auto_adjust_cnx_float number| __ez_fad_doc_ht number| __ez_fad_vp_ht boolean| __ez_fad_hascp object| epbjs boolean| __enableAnalytics object| __s2sbidders object| __s2sinstreambidders object| __allBidders string| __sellerid string| __schain_domain string| __ez_nid object| ezasVars number| stPixelInterval object| ezoibfh object| ezaxmns object| ezaucmns object| __ez_fad_floating boolean| __ez_fad_gptd boolean| __ez_fad_ezpbinitd number| __ez_fad_pbt function| __ez_fad_gpt function| __ez_fad_pb function| __ez_fad_scroll number| __ez_fad_init_scroll number| __ez_fad_scroll_delta function| __ez_fad_check_scroll_override function| __ez_fad_wheel_check function| __ez_fad_touch_check boolean| __ez_fad_scrollmond function| __ez_fad_scrollmon function| __ez_fad_chkpos object| divNode object| parentNode object| __banger_pmp_deals object| _ezim_d object| _ezaq function| create_ezolpl function| attach_ezolpl function| cnx number| ezobv object| ez_ad_units object| ezslots object| ezsrqt object| __ez_fad_divpos boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad object| __advertiserRule object| ezslots_raw object| google_reactive_ads_global_state function| ezasvEvent function| ezaslEvent object| ezoSTPixels function| ezoSTPixelAdd function| ezoGetSlotById function| ezoSTPixelFire object| googletag function| ezogetbrkey boolean| ezoll string| ezoadxnc string| ezoadhb object| perf_vals object| ezux number| _ez_fad_vw function| epbjsRequestAdUnits function| epbjsRefreshSlot object| ezoptbid string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL object| ezomash function| ezbanger function| ezvt function| ezvb function| ezsr function| ezosethbbid function| ezosethbbids function| ezoSyncToDfp function| ezoGetDFPSlot function| ezGetSlotViewedTime function| formatBid function| adjustHbValues function| ezasBuild function| ezorefgsl object| epbjsChunk object| _pbjsGlobals object| mnet object| ggeac object| google_js_reporting_queue function| EzoicMash object| ezoic_mash function| onmessagefunc function| SetSlotTargeting object| cnx_usr_storage undefined| google_measure_js_timing object| ezslot_interstitial object| ezslot_2 object| ezslot_0 number| i3 object| googleToken object| googleIMState function| processGoogleToken object| slots string| slot number| google_unique_id object| GoogleGcLKhOms boolean| ezowwinit number| bid_val number| bid_decrease_amount object| player_instance_6a2931c122664158ba94da7e247dacaa object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins function| cnxProxyTask number| google_global_correlator number| ezouspvv string| slotElName object| parts object| ampInaboxIframes object| ampInaboxPendingMessages object| closure_lm_718878 object| google_image_requests number| cnxFloatOffset function| cnxAddEventListener

49 Cookies

Domain/Path Name / Value
.filesamples.com/ Name: ezoab_176527
Value: mod96
.filesamples.com/ Name: ezCMPCCS
Value: false
filesamples.com/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
filesamples.com/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
.filesamples.com/ Name: ezoadgid_176527
Value: -1
.filesamples.com/ Name: ezosuibasgeneris-1
Value: 3b385b93-fec7-42fb-7611-d36fb10bd4b0
.filesamples.com/ Name: active_template::176527
Value: pub_site.1654122360
.filesamples.com/ Name: _ga
Value: GA1.2.110614979.1654122361
.filesamples.com/ Name: _gid
Value: GA1.2.1675769847.1654122361
.filesamples.com/ Name: _gat_gtag_UA_154360290_1
Value: 1
.filesamples.com/ Name: ezoref_176527
Value:
.filesamples.com/ Name: ezovid_176527
Value: 698905729
.filesamples.com/ Name: lp_176527
Value: https://filesamples.com/
.filesamples.com/ Name: ezovuuidtime_176527
Value: 1654122360
.filesamples.com/ Name: ezovuuid_176527
Value: 2c218eb7-1208-4ee2-6b9f-9b04d9dcb1f8
.filesamples.com/ Name: ezopvc_176527
Value: 1
.filesamples.com/ Name: ezepvv
Value: 211
filesamples.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: icu
Value: ChgIkfo_EAoYASABKAEw-c7flAY4AUABSAEQ-c7flAYYAA..
.adnxs.com/ Name: uuid2
Value: 1305826402125705105
.a-mo.net/ Name: amuid2
Value: e2eb1153-2134-42a3-b252-dae82c19a18f
.prebid.a-mo.net/ Name: sd_amuid2
Value: e2eb1153-2134-42a3-b252-dae82c19a18f
pb-server.ezoic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiZTJlYjExNTMtMjEzNC00MmEzLWIyNTItZGFlODJjMTlhMThmIiwiZXhwaXJlcyI6IjIwMjItMDYtMTVUMjI6MjY6MDEuNTA5MzMyNDFaIn19LCJiZGF5IjoiMjAyMi0wNi0wMVQyMjoyNjowMS41MDkzMjYzOThaIn0=
.filesamples.com/ Name: _pubcid
Value: 7b1a5000-fa51-4127-8f14-eb9b67a48d15
.doubleclick.net/ Name: IDE
Value: AHWqTUmDuf0do3j07XhFKzk82LX52zGCpzCBwDxe4_LZ4uDLnIOLA4DhFasaHReAVy0
.filesamples.com/ Name: __gads
Value: ID=65ada3f94c60f67d:T=1654122361:S=ALNI_MbUvPjXHESVhkykSQ7zxXm99zqJCg
filesamples.com/ Name: ezouspvv
Value: 400
filesamples.com/ Name: ezouspva
Value: 1
filesamples.com/ Name: ezouspvh
Value: 400
.360yield.com/ Name: tuuid
Value: 66ac07d0-00ba-492f-a3f2-14998ce77f4e
.360yield.com/ Name: tuuid_lu
Value: 1654122362
.simpli.fi/ Name: suid
Value: BD9AB5622DEA4E07A7260A599D6F3250
.w55c.net/ Name: wfivefivec
Value: wnY8zk671NWwMW5
.w55c.net/ Name: matchgoogle
Value: 5
fksnk.com/ Name: AWSALBCORS
Value: sRyVqDwdzJfze6XviY+1iKmsVW7eJc6MMBhqd7L3ivEUwPy+U6YOh9uTPPQvln6mvmds2MAzhiNjoAlxMtV70JUerZ6ydkKtT3+QMmjmmIfirIazLlMJUXvPOSN1
.fksnk.com/ Name: f_001
Value: 00F1D5A22CA21BA1
.fksnk.com/ Name: g_001
Value: 1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2Ilhrk(N9!]tbP6j2F-.aE@%O4WYq=BWzwe'=3O.A_!siTFO*4#!tu00f9]fBBs.h/DlhgxcP^agkA]/X+GY1Qw21dE<xN
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiIxMjQ2ZjAwYmM1OTljMmFhNDlkZjAzMjVjYmY0NjNmNCIsImV4cGlyZXMiOiIyMDIyLTA4LTMwVDIyOjI2OjA1WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTA2LTAxVDIyOjI2OjA1WiJ9
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 552ecdb3830df8fb
.spotxchange.com/ Name: audience
Value: d402e827-e1f9-11ec-be47-1a3233820406
.filesamples.com/ Name: cto_bundle
Value: oVz6R194ZjVSZiUyRmV5dkR5WG9PTnFQM1VGY3J3VW92bUZLUCUyRktORTQwd2J3MFlhWUZRUmh0N0glMkYlMkJGSkFzc2pZTzF0cnR2UUpRRUs1WGlhaSUyQnZnSENRJTJGQ2lab041WEVqQ0tyN0dpJTJGMTlMZlAxRllXV01lSHd6JTJCVWZzT20zJTJGeG1JbmRhWg
.filesamples.com/ Name: cto_bidid
Value: 9rpFPl8lMkI4YW9MQ1hLWXB3ZiUyRkZIVDk0aENxRkVWVnk4a1ZTYVlZMnZTNEolMkZBWGwwYm9Qem9kdldSWlZSRVJoam0xdU5vUXBYZmklMkIlMkJWbTJNalFOeDBSeWxuZlElM0QlM0Q
.casalemedia.com/ Name: CMID
Value: YpfnfgzS7IYRVMaPrW1apgAA
.casalemedia.com/ Name: CMPS
Value: 711
.smilewanted.com/ Name: sw_user_params_infos
Value: mdW3iBuTJv7p6LF2jjZEUg7FKl%2FVq%2BDkESMqfYYgRfREr7o4oYsDro7Qm3Q7esQ7qxwpgoRsZwTtQmeix7fMzLS0UvajwXWUCde27k3rQzEvDq5Gea8yAOTxH4dnobE8yLqwCUuyvmC2hAMeEFpoQ0dba%2FIRbzt4Gb8LCgIvYprCUQL%2Bgzzw6GaQNF5LaHKl7I%2FOW9%2FSu%2FMOCnHZ%2BPiClx7lIDU1Okx2C4VEm898%2FCmzHBXF2acR6SXFtJiJGXck%2BbfLRzT%2F5AjI392L%2BzDDS0P6a0JwhCRzhY4sSqhS6YgI0tusRb3Sl6sjhZAtJOjQqtYiccsyaY0MPPZHdTArwg%3D%3D
.casalemedia.com/ Name: CMPRO
Value: 694
.casalemedia.com/ Name: CMST
Value: YpfnfmKX534A

4 Console Messages

Source Level URL
Text
network error URL: https://demo.connatix.com/Automation/Feeds/Twix.xml
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://demo.connatix.com/Automation/Feeds/Twix.xml
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://demo.connatix.com/Automation/Feeds/Twix.xml
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://demo.connatix.com/Automation/Feeds/Twix.xml
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

475bc36b2010fe76e142acbfbda24566.safeframe.googlesyndication.com
a.rfihub.com
acdn.adnxs.com
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
basher.ezodn.com
bh.contextweb.com
bid.contextweb.com
c1.adform.net
c2shb.ssp.yahoo.com
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.connectad.io
cds.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
contextual.media.net
core.iprom.net
cs.chocolateplatform.com
csync.loopme.me
csync.smilewanted.com
demo.connatix.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
ezodn.com
filesamples.com
fksnk.com
fonts.googleapis.com
g.ezodn.com
g.ezoic.net
go.ezodn.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
loada.exelator.com
match.360yield.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pb-server.ezoic.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubmatic-match.dotomi.com
rtb2-useast.e-volution.ai
s.tribalfusion.com
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssp.adriver.ru
ssum-sec.casalemedia.com
static.smilewanted.com
sync-eu.connectad.io
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
tag.1rx.io
tg.socdm.com
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.rfihub.com
cm.g.doubleclick.net
cs.chocolateplatform.com
demo.connatix.com
dsp.adkernel.com
dsum-sec.casalemedia.com
image2.pubmatic.com
image4.pubmatic.com
loada.exelator.com
match.adsrvr.org
match.taboola.com
matching.truffle.bid
rtb2-useast.e-volution.ai
s.tribalfusion.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sync.mathtag.com
x.bidswitch.net
141.94.171.216
141.95.98.71
142.250.185.162
142.250.74.194
147.75.38.124
151.101.129.108
151.101.194.137
151.101.2.137
151.101.66.137
159.122.14.34
172.67.10.198
178.250.2.146
178.250.2.151
18.156.195.47
185.255.84.150
185.64.190.78
185.86.137.131
185.94.180.124
185.94.180.125
195.5.165.20
198.148.27.134
198.148.27.140
2.20.157.55
2.22.32.24
202.241.208.100
204.237.133.116
213.19.147.43
23.35.236.201
23.88.75.187
2606:4700:10::6816:36ce
2606:4700:3035::6815:11fc
2a00:1450:4001:800::2004
2a00:1450:4001:801::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2006
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2008
2a00:1450:4014:80e::2002
2a02:2638:1::13
2a02:fa8:8806:20::2010
2a05:d018:d29:3601:6b88:e1e2:688e:aa3b
2a06:98c1:3120::3
2a06:98c1:3121::3
3.136.200.104
3.66.136.156
34.107.148.139
35.156.95.138
35.158.166.215
35.71.131.137
37.157.4.23
37.252.172.250
51.89.9.252
52.48.107.84
54.234.175.113
63.251.232.170
66.155.71.25
69.173.144.139
81.222.128.215
99.81.70.153
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
072a0061e650a5a819b9b3746ec700a4510d43082aebabd410a036c60d76dae0
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
09030e524abb4b7e850c76d10d0663c39e94a385bc2c03428197f2deaeceb6d0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e76e30ef7e1c47bf28c1691805df7d5059b258d9a23b06048bba548f08bcc1d
121a7895494cf562e623fea3fd368f7a796af3d9b3d971774f0909c6d2d8f94e
198ea2d24a5c0834e08503e4c8d7137ca5a408f16950c32d3c90a3199a1be030
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
1d09bd9bf1757c0859846fc1837c917c616cd5fe777fa66ac18058f86b032627
1d93d63cbc86571ea044b46ca00719d3b5af53ed5bd33abe5ed2a9a95ffcc3bc
1e275bd1de537a8ed650f200415166cf98157ca6684ab92e17110604260d5066
20567f6e955396d07a86d7911d0a6d1bd02e3245d1d1df9fe8dfac8c2359b9e9
207fec9ba245692b4c407e8da8951095a287b8d40db9b0a852a4aca07c6a3855
240645802d5b3baf51f7c4a3b8b25d41f7101c2ca6b8029d048f9309571ae421
279ec17b447a7e42264021cf46c4e3e83d464de13640827e8d1f11db65417b8b
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29423a53e5a231c0002fe62f9866c790fa23e62062a34939ee0cc0cd0bf24f28
2d4af0388e203196017340fee6ff0513441d72eda6f69f5f2b3878b1ea980717
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
34672b7fe8ea0bf7d5610f63f912ccff24d3f77cd8a531db2586e2bba2e18dfe
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3d68c01c6291c27499240350fd0ae9bb1d23e53fb89a4b9abfa42492c14054
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
4721248efa926d8a2c1a36b1fec28d4208378d8b8b1b43b0fa4a91a7a976d8d4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958
5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a
559539863676ce8b7493956a42958ab940d9b1fe8587e23d56832a56d8369dc3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565c527fe8f92c8a9eadddf2a0e16eb40bbff31298fc67064f090e515f882b6b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e191aaa51a298350551b681ffdf7a691f3e906c268b4fb2510f64b9a0ff7fa8
60336c13eea75c96878f24585b6f20a843e7ce7fd3f23af03f6ccad8d9119690
61ac55e97345cd64e16215841139f999e2066f531793a962e2e29ec99472ff6f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636e5f5b2eebe0800656a171c6ee9d34ee67cbae3d745983c48d4a5474421d53
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668ad51d1b3690658876813ff78f36ddefb9a04ac86fd3a336d5306fdc25ec5a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c943e7ed01a7de4689fa207b0eda00285e1dfdfa2ba75ec626cff10069b5d56
6e34ee9c29fca0e065bf19aefa870945e9d47cb92df2ecd332e0466b686d69d4
6f980c160e1056ae03f4277e5c9c9b41466ec277b392875568aaef372e1e0eab
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
75782eed76b2c74403b9ef1a9c9f02bf5d868730365942b745755fc1dfa2b362
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
809f2323f293ce82641f71214f7af0ba867773b86ca176f1fcf4afa8e5fac054
82009546877bd0e33897de19d48b10a89c32182f68eeaecd8461d0e94dc80873
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
849c430c31cceb0455b9cdc506aaea6d1a482fd01bb964acf22685a79a5649a6
8866434080a80329d0fcf99f32c9125b0ce75612ce93741ab3e6051b6e22f2e9
89fcef2fe8204ec89e703202f4313758021687559f6216a92b5379a753015e9e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f401f18a623fd68e57adad0c1ebe8ad325cabc6212caccdb143957d6ae276ca
90e940f4b76a6a3db249629eee3188c06721ad96e8b73b40ac659c9971281b8a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99ed39018bc88e0a5844f3e35f1c166da9e1b11a16cb28840ef6fb8c0a08ba08
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c4e6cb2e31f51081fbac3c2943b118b4ddc3b8cbf243c8fa438d0065b4688db
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19643aa47aeee6f664e5b4f825b784ae76b84eacbd8dab2ef588d4f6c9c93da
a2d50a8461b202821e22627b6e39b548afe6c5ea22d95be316ccb970c1ddb9fc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a525824d7672e22ce39795da065ac4ef98058bebc829124c84b7bb67e4243029
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8faea04d91809f1f51bef23bb1680dafc6589c3539ba4bfb249c6cd6b4f5f25
aa7bdac43a2bedabe35a56d982b3ce99cdfc5cb359d6eef5feb14d472b6c98b1
abccfaecc2300427a6c96423b95f3cc2d8380aed3de9a9e25e91455e6c349d3a
b9b82ea470ebc8fc2c91d93a6bc279c1ef1e304cc66e97bb5ce77371bd0e8795
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
bac82a54806cc0d3d1bd428fcd9de26b89b746c8160abc922edd836df1d9d10a
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c33a373d4022f0feff7d405cf9d1870448ea7f6f3661a7f6fe4f12fa6085ed10
c5d9c9f6bbfd42b7c3c63a20fb54ba49978b53f6b981fbabe4d56dd90b2b44ab
c83c3fde7d39843c4ff04bd8f1c944876dcfdb4410b1df84606ae767ef31ef24
ca9f5ff3646cd660220484d9f417d638598404d9fade09b963bce32a4533b641
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04270929a7b55e11bad5612cec9a0bc6f99aa203065ebb49282a8e10ed3f897
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d7642cb8848761aeaf68ff0285b4c2ef4b5acf822739e4a0ea0a7d45c18b1f25
d839b193eba1dd4578cc90dfe2fe6edea552e807f65af9e79780a58d0ad9b1bb
d92a11899a5768511f0431479d50a6fbabd9aa93099c062bc9f348fdb83be72b
da85da3b8ab561ce6f08d413090181e51d3191b8641df67d3897dcb567ca66e3
daf028afc101da7201cb211f9786b6a36f6bf60ad836dfe991306140efca2432
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4adb3837e4411342aa9b52dafd1646c32196b17c56c5420b77b9abebebe0f4d
e75b27211e16fcf94715168001bb7055ca376d46f928110ba3d0825232452e5a
e8451281fd371d3f9c544a6874aab480f38026a3de5c84b31ab81fa2c91a4e84
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
ed9599a11d7b9e61c58e50ed37951405921652da8652da9a66331d4c991253de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f69dfe383fe0ef66df2c8de098fda546a826801c150ec22e7e09b8020b221dae
f7de28c207214ce0f720d3edae93b3f1ba38c80fc59d310fa4328a6fbddcce90
fa61c48b9eb21b30c09a66491d7ce22bd222f9a5ac0378a26e465742f1dbf315
fb69f440fa1cce53b1205d707aae594a5d3d318fc2a53d92bd6901399e78e886
fe8b429ff633aa1b290d9ab5b91d4d910c9cc054e9f6f9f66e76697b8655279f